We have enabled HTTPS-Only mode, therefore we do not need
HTTPS-Everywhere anymore.
However, we want to keep supporting .tor.onion aliases (especially for
securedrop).
Therefore, in this patch we implemented the parsing of HTTPS-Everywhere
rulesets, and the redirect of .tor.onion domains.
Actually, Tor Browser believes they are actual domains. We change them
on the fly on the SOCKS proxy requests to resolve the domain, and on
the code that verifies HTTPS certificates.

Alex Catarineu authored 5 years ago and Pier Angelo Vendrame committed 1 year ago

Whenever a valid Onion-Location HTTP header (or corresponding HTML
<meta> http-equiv attribute) is found in a document load, we either
redirect to it (if the user opted-in via preference) or notify the
presence of an onionsite alternative with a badge in the urlbar.

henry authored 2 years ago and Pier Angelo Vendrame committed 1 year ago

tor-browser#41285: Enable fluent warnings.

Kathleen Brade authored 10 years ago and Pier Angelo Vendrame committed 1 year ago

Allow using NSS on all platforms for checking MAR signatures (instead
  of using OS-native APIs, the default on Mac OS and Windows).
  So that the NSS and NSPR libraries the updater depends on can be
  found at runtime, we add the firefox directory to the shared library
  search path on macOS.
  On Linux, rpath is used to solve that problem, but that approach
  won't work on macOS because the updater executable is copied during
  the update process to a location that can vary.

Bug 1768907 - Part 1: Make browser.privatebrowsing.autostart a static pref. r=handyman,necko-reviewers

Differential Revision: https://phabricator.services.mozilla.com/D157843

Due to design constraints, it is difficult for osclientcerts to properly
indicate whether or not each known key supports RSA-PSS. Ideally such a
determination would be made close to when a particular key is going to be used,
but due to the design of PKCS#11 and NSS' tight coupling to it, osclientcerts
would have to make this determination when searching for all known keys, which
has been shown to be prohibitively slow on Windows and results in unexpected
dialogs on macOS.

Thus, previously osclientcerts simply assumed all RSA keys supported RSA-PSS.
This has resulted in handshake failures when a server indicates that it accepts
RSA-PSS signatures.

This patch instead makes RSA-PSS support configurable via a pref
(security.osclientcerts.assume_rsa_pss_support). If the pref is true,
osclientcerts assumes all RSA keys support RSA-PSS. If it is false, it assumes
no RSA keys support RSA-PSS.

Differential Revision: https://phabricator.services.mozilla.com/D178241

Differential Revision: https://phabricator.services.mozilla.com/D175789

This patch ensures that Windows ARM users will use the ARM clearkey
plugin over the x86 plugin by default. We continue to ship with the x86
plugin at this time, so the users could switch back if necessary.

Differential Revision: https://phabricator.services.mozilla.com/D171876

Bug 1819661 - Use ARM clearkey plugin instead of x86 plugin on Windows ARM in nightly. r=media-playback-reviewers,alwu, a=dsmith

Differential Revision: https://phabricator.services.mozilla.com/D171357

This patch adds the ability for Windows on ARM to launch either x86 or
ARM Widevine plugins. It also adds the ability for Windows on x86 to
refuse ARM binaries in case, for example, a profile is transferred
between machines.

Overall this should be a non-functional change for users at the time of
landing. It does however allow us to ship the ARM Widevine plugin to
Windows ARM users to workaround a plugin crash with the x86 Widevine
plugin. This only affects Windows 10 users (Windows 11 works fine).

Differential Revision: https://phabricator.services.mozilla.com/D167634

Differential Revision: https://phabricator.services.mozilla.com/D162392

Differential Revision: https://phabricator.services.mozilla.com/D160989

This prevents a11y from getting instantiated shortly after clipboard paste, in
order to prevent hangs with the Windows 11 suggested actions feature.

When combined with the previous patch, the behavior is the following:

 * For users with a11y already-enabled:

   * No hang (due to clipboard flush).
   * Quick actions menu is positioned at selection offset.

 * For users with a11y disabled (most):

   * No hang (due to no a11y instantiation + clipboard flush).
   * Quick actions menu is positioned at pointer (cursor) offset.

Co-Authored-By: Emilio Cobos Álvarez <emilio@crisal.io>

Differential Revision: https://phabricator.services.mozilla.com/D160652

Depends on D160646

Bug 1774285 - On Windows 11 22H2, flush the Windows clipboard immediately after setting it. r=neildeakin, a=dmeehan


This works around a windows 11 suggested actions bug, see comment.

Differential Revision: https://phabricator.services.mozilla.com/D160646

Differential Revision: https://phabricator.services.mozilla.com/D161059

Bug 1791689 - StaticPrefList network.proxy.allow_bypass checks MOZ_PROXY_BYPASS_PROTECTION for default value. r=robwu, a=RyanVM

Differential Revision: https://phabricator.services.mozilla.com/D157774

Differential Revision: https://phabricator.services.mozilla.com/D156903

There are compat issues with the approach.  There are future plans to restore the functionality but only when typing into a text area.

Differential Revision: https://phabricator.services.mozilla.com/D155275

Differential Revision: https://phabricator.services.mozilla.com/D150457

Differential Revision: https://phabricator.services.mozilla.com/D149404

Bug 1775102 - Disable security.block_fileuri_script_with_wrong_mime outside of early beta or earlier. r=ckerschb a=pascalc

Differential Revision: https://phabricator.services.mozilla.com/D149774

Differential Revision: https://phabricator.services.mozilla.com/D147885

Bug 1769669 - require specifying the trusted root in content signature verifier (patch for beta) r=jschanck,barret a=pascalc



Before this patch, the content signature verifier
(nsIContentSignatureVerifier/ContentSignatureVerifier) would identify the root
it trusted based on the value of a preference. This patch changes the
implementation to require a specified hard-coded root to trust as with add-on
signature verification.

Depends on D148428

Test Plan:
https://treeherder.mozilla.org/jobs?repo=try&revision=11a43a92595dffded72d1044c1c9b756d738a64e

Differential Revision: https://phabricator.services.mozilla.com/D148429

Differential Revision: https://phabricator.services.mozilla.com/D148508

Differential Revision: https://phabricator.services.mozilla.com/D145895

Differential Revision: https://phabricator.services.mozilla.com/D145785

Bug 1730284 - Use whether the embedder element intersects the viewport to decide whether to throttle in-process iframes. r=smaug

This is more likely to be understandable by developers, matches other
browsers more closely (see bug comments), and seems more in-line with
what we do for OOP iframes.

Add a pref to not do this throttling at all (which would match Chrome),
though this is probably good enough for now.

Differential Revision: https://phabricator.services.mozilla.com/D146574

Differential Revision: https://phabricator.services.mozilla.com/D146969

Differential Revision: https://phabricator.services.mozilla.com/D144898

Backed out 2 changesets (bug 1730284) for causing devtools,web-platform and mochitest failures CLOSED TREE

Backed out changeset 98834b863104 (bug 1730284)
Backed out changeset 1ec157459e8c (bug 1730284)

Bug 1730284 - Use whether the embedder element intersects the viewport to decide whether to throttle in-process iframes. r=smaug

This is more likely to be understandable by developers, matches other
browsers more closely (see bug comments), and seems more in-line with
what we do for OOP iframes.

Add a pref to not do this throttling at all (which would match Chrome),
though this is probably good enough for now.

Differential Revision: https://phabricator.services.mozilla.com/D146574

Differential Revision: https://phabricator.services.mozilla.com/D146965

Differential Revision: https://phabricator.services.mozilla.com/D147169

Bug 1738574 - add an option to put downloads in tmp to start with, r=mak,mkaply,fluent-reviewers,flod

Differential Revision: https://phabricator.services.mozilla.com/D146719

Differential Revision: https://phabricator.services.mozilla.com/D146712

Backed out changeset 859a07722632 (bug 1767549)
Backed out changeset 46187304029d (bug 1767549)
Backed out changeset 8aa67afb67c4 (bug 1767549)
Backed out changeset 75326cb6e15e (bug 1767549)

Differential Revision: https://phabricator.services.mozilla.com/D146712

Differential Revision: https://phabricator.services.mozilla.com/D146793

Backed out changeset 7feecbf279d4 (bug 1759418)
Backed out changeset dbf65a66ad3f (bug 1759418)
Backed out changeset 013930ed617f (bug 1759418)