fixup! Bug 1832832 - protect encoder accesses in Java callbacks. r=media-playback-reviewers,alwu a=pascalc

- MOZ_GUARDED_BY is just GUARDED_BY in esr 102

Differential Revision: https://phabricator.services.mozilla.com/D178564

fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection

Bug 41802: Improve the regex on parseBridgeLine

The previous version of the regex took for granted the bridge
fingerprint was always available, but it is actually optional.
So, parsing some bridge lines (e.g., Conjure) failed, and vanilla
bridge was displayed instead of the actual transport.

Bug 41792: Allow dragging downloads from about:downloads and the download panel

Bug 40552: New texts for the add a bridge manually modal

fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection

Bug 40552: Improve the description of the modal to provide a bridge
manually.

Bug 41801: Fix handleProcessReady in TorSettings.init

For now this function only deletes old language packs for which we are
already packaging the strings with the application.

This patch associates the about:manual page to a translated page that
must be injected to browser/omni.ja after the build.
The content must be placed in chrome/browser/content/browser/manual/, so
that is then available at chrome://browser/content/manual/.
We preferred giving absolute freedom to the web team, rather than having
to change the patch in case of changes on the documentation.

We have enabled HTTPS-Only mode, therefore we do not need
HTTPS-Everywhere anymore.
However, we want to keep supporting .tor.onion aliases (especially for
securedrop).
Therefore, in this patch we implemented the parsing of HTTPS-Everywhere
rulesets, and the redirect of .tor.onion domains.
Actually, Tor Browser believes they are actual domains. We change them
on the fly on the SOCKS proxy requests to resolve the domain, and on
the code that verifies HTTPS certificates.

henry authored 1 year ago and Pier Angelo Vendrame committed 1 year ago

Bug 41608 - Use the same styling for ".onion available" urlbar button as
the tor-connect-urlbar-button. This also stops the button from
overflowing its container like before. Also move to after the bookmark
button.

Alex Catarineu authored 5 years ago and Pier Angelo Vendrame committed 1 year ago

Whenever a valid Onion-Location HTTP header (or corresponding HTML
<meta> http-equiv attribute) is found in a document load, we either
redirect to it (if the user opted-in via preference) or notify the
presence of an onionsite alternative with a badge in the urlbar.

Kathleen Brade authored 5 years ago and Pier Angelo Vendrame committed 1 year ago

When Tor informs the browser that client authentication is needed,
temporarily load about:blank instead of about:neterror and prompt
for the user's key.

If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD
control port command to add the key (via Torbutton's control port
module) and reload the page.

If the user cancels the prompt, display the standard about:neterror
"Unable to connect" page. This requires a small change to
browser/actors/NetErrorChild.jsm to account for the fact that the
docShell no longer has the failedChannel information. The failedChannel
is used to extract TLS-related error info, which is not applicable
in the case of a canceled .onion authentication prompt.

Add a leaveOpen option to PopupNotifications.show so we can display
error messages within the popup notification doorhanger without
closing the prompt.

Add support for onion services strings to the TorStrings module.

Add support for Tor extended SOCKS errors (Tor proposal 304) to the
socket transport and SOCKS layers. Improved display of all of these
errors will be implemented as part of bug 30025.

Also fixes bug 19757:
 Add a "Remember this key" checkbox to the client auth prompt.

 Add an "Onion Services Authentication" section within the
 about:preferences "Privacy & Security section" to allow
 viewing and removal of v3 onion client auth keys that have
 been stored on disk.

Also fixes bug 19251: use enhanced error pages for onion service errors.

cypherpunks1 authored 1 year ago and Pier Angelo Vendrame committed 1 year ago

Bug 41785: Show http onion resources as secure in network monitor

cypherpunks1 authored 1 year ago and Pier Angelo Vendrame committed 1 year ago

Bug 33298: Warn when submitting form data from http onion sites over an insecure connection

Richard Pospesel authored 6 years ago and Pier Angelo Vendrame committed 1 year ago

Encrypting pages hosted on Onion Services with SSL/TLS is redundant
(in terms of hiding content) as all traffic within the Tor network is
already fully encrypted.  Therefore, serving HTTP pages from an Onion
Service is more or less fine.

Prior to this patch, Tor Browser would mostly treat pages delivered
via Onion Services as well as pages delivered in the ordinary fashion
over the internet in the same way.  This created some inconsistencies
in behaviour and misinformation presented to the user relating to the
security of pages delivered via Onion Services:

 - HTTP Onion Service pages did not have any 'lock' icon indicating
   the site was secure
 - HTTP Onion Service pages would be marked as unencrypted in the Page
   Info screen
 - Mixed-mode content restrictions did not apply to HTTP Onion Service
   pages embedding Non-Onion HTTP content

This patch fixes the above issues, and also adds several new 'Onion'
icons to the mix to indicate all of the various permutations of Onion
Services hosted HTTP or HTTPS pages with HTTP or HTTPS content.

Strings for Onion Service Page Info page are pulled from Torbutton's
localization strings.

Alex Catarineu authored 4 years ago and Pier Angelo Vendrame committed 1 year ago

In https://bugzilla.mozilla.org/show_bug.cgi?id=1563246 Firefox implemented
fetching the Public Suffix List via RemoteSettings and replacing the default
one at runtime, which we do not want.

Mike Perry authored 7 years ago and Pier Angelo Vendrame committed 1 year ago

eBay and Amazon don't treat Tor users very well. Accounts often get locked and
payments reversed.

Also:
Bug 16322: Update DuckDuckGo search engine

We are replacing the clearnet URL with an onion service one (thanks to a
patch by a cypherpunk) and are removing the duplicated DDG search
engine. Duplicating DDG happend due to bug 1061736 where Mozilla
included DDG itself into Firefox. Interestingly, this caused breaking
the DDG search if JavaScript is disabled as the Mozilla engine, which
gets loaded earlier, does not use the html version of the search page.
Moreover, the Mozilla engine tracked where the users were searching from
by adding a respective parameter to the search query. We got rid of that
feature as well.

Also:
This fixes bug 20809: the DuckDuckGo team has changed its server-side
code in a way that lets users with JavaScript enabled use the default
landing page while those without JavaScript available get redirected
directly to the non-JS page. We adapt the search engine URLs
accordingly.

Also fixes bug 29798 by making sure we only specify the Google search
engine we actually ship an .xml file for.

Also regression tests.

squash! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing

Bug 40494: Update Startpage search provider

squash! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing

Bug 40438: Add Blockchair as a search engine

Bug 33342: Avoid disconnect search addon error after removal.

We removed the addon in #32767, but it was still being loaded
from addonStartup.json.lz4 and throwing an error on startup
because its resource: location is not available anymore.

Georg Koppen authored 5 years ago and Pier Angelo Vendrame committed 1 year ago

It's time for our rotation again: Move the backup key in the front
position and add a new backup key.

Bug 33803: Move our primary nightly MAR signing key to tor-browser

Bug 33803: Add a secondary nightly MAR signing key

Kathleen Brade authored 9 years ago and Pier Angelo Vendrame committed 1 year ago

Add an about:tbupdate page that displays the first section from
TorBrowser/Docs/ChangeLog.txt and includes a link to the remote
post-update page (typically our blog entry for the release).

Always load about:tbupdate in a content process, but implement the
code that reads the file system (changelog) in the chrome process
for compatibility with future sandboxing efforts.

Also fix bug 29440. Now about:tbupdate is styled as a fairly simple
changelog page that is designed to be displayed via a link that is on
about:tor.

Kathleen Brade authored 8 years ago and Pier Angelo Vendrame committed 1 year ago

This is a partial revert of commit f1241db6.

Revert most changes from Mozilla Bug 862173 "don't verify mar file hash
when using mar signing to verify the mar file (lessens main thread I/O)."

We kept the addition to the AppConstants API in case other JS code
references it in the future.

Bug 41776 (fix): Added some missing lines to the previous patch

Bug 41776: Keep shipping the old fontconfig file until users have one

This commit was once part of "Bug 4234: Use the Firefox Update Process
for Tor Browser.".
However, some parts of it were not needed for Base Browser and some
derivative browsers.
Therefore, we extracted from that commit the parts for Tor Browser
legacy, and we add them back to the patch set with this commit.

Arthur Edelstein authored 10 years ago and Pier Angelo Vendrame committed 1 year ago

Regression tests for Bug #2950: Make Permissions Manager memory-only

Regression tests for TB4: Tor Browser's Firefox preference overrides.

Note: many more functional tests could be made here

Regression tests for #2874: Block Components.interfaces from content

Bug 18923: Add a script to run all Tor Browser specific tests

Regression tests for Bug #16441: Suppress "Reset Tor Browser" prompt.

henry authored 1 year ago and Pier Angelo Vendrame committed 1 year ago

Bug 41608 and 41526 - Use KeyboardEvent.repeat to block triggering newly
focused buttons in about:torconnect. The approach in tor-browser!607
prevented this by waiting for keyup, but keyup could still be triggered
by a key event initialized elsewhere. E.g. when pressing Enter to close
a modal dialog, the Enter's keyup event would be sent to the
about:torconnect page and trigger the focused button.

henry authored 1 year ago and Pier Angelo Vendrame committed 1 year ago

Bug 27476: Implement about:torconnect captive portal within Tor Browser

- implements new about:torconnect page as tor-launcher replacement
- adds new torconnect component to browser
- tor process management functionality remains implemented in tor-launcher through the TorProtocolService module
- adds warning/error box to about:preferences#tor when not connected to tor

Bug 40773: Update the about:torconnect frontend page to match additional UI flows.

Bug 41608: Add a toolbar status button and a urlbar "Connect" button.

Richard Pospesel authored 3 years ago and Pier Angelo Vendrame committed 1 year ago

- implements new about:torconnect page as tor-launcher replacement
- adds tor connection status to url bar and tweaks UX when not online
- adds new torconnect component to browser
- tor process management functionality remains implemented in tor-launcher through the TorProtocolService module
- adds warning/error box to about:preferences#tor when not connected to tor
- explicitly allows about:torconnect URIs to ignore Resist Fingerprinting (RFP)
- various tweaks to info-pages.inc.css for about:torconnect (also affects other firefox info pages)

Bug 40773: Update the about:torconnect frontend page to match additional UI flows

henry authored 1 year ago and Pier Angelo Vendrame committed 1 year ago

fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection

Bug 41608 - Use the torconnect icon for the onion slash.

Richard Pospesel authored 5 years ago and Pier Angelo Vendrame committed 1 year ago

This patch adds a new about:preferences#connection page which allows
modifying bridge, proxy, and firewall settings from within Tor Browser.
All of the functionality present in tor-launcher's Network
Configuration panel is present:

 - Setting built-in bridges
 - Requesting bridges from BridgeDB via moat
 - Using user-provided bridges
 - Configuring SOCKS4, SOCKS5, and HTTP/HTTPS proxies
 - Setting firewall ports
 - Viewing and Copying Tor's logs
 - The Networking Settings in General preferences has been removed

Bug 40774: Update about:preferences page to match new UI designs

Kathleen Brade authored 10 years ago and Pier Angelo Vendrame committed 1 year ago

Instead of always reporting that the profile is locked, display specific
messages for "access denied" and "read-only file system".

To allow for localization, get profile-related error strings from Torbutton.
Use app display name ("Tor Browser") in profile-related error alerts.

henry authored 1 year ago and Pier Angelo Vendrame committed 1 year ago

Bug 41608 - Add new connection status strings.

Matthew Finkel authored 6 years ago and Pier Angelo Vendrame committed 1 year ago

The browser should not need information related to the network
interface or network state, tor should take care of that.