We have enabled HTTPS-Only mode, therefore we do not need
HTTPS-Everywhere anymore.
However, we want to keep supporting .tor.onion aliases (especially for
securedrop).
Therefore, in this patch we implemented the parsing of HTTPS-Everywhere
rulesets, and the redirect of .tor.onion domains.
Actually, Tor Browser believes they are actual domains. We change them
on the fly on the SOCKS proxy requests to resolve the domain, and on
the code that verifies HTTPS certificates.

Kathleen Brade authored 5 years ago and Pier Angelo Vendrame committed 1 year ago

When Tor informs the browser that client authentication is needed,
temporarily load about:blank instead of about:neterror and prompt
for the user's key.

If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD
control port command to add the key (via Torbutton's control port
module) and reload the page.

If the user cancels the prompt, display the standard about:neterror
"Unable to connect" page. This requires a small change to
browser/actors/NetErrorChild.jsm to account for the fact that the
docShell no longer has the failedChannel information. The failedChannel
is used to extract TLS-related error info, which is not applicable
in the case of a canceled .onion authentication prompt.

Add a leaveOpen option to PopupNotifications.show so we can display
error messages within the popup notification doorhanger without
closing the prompt.

Add support for onion services strings to the TorStrings module.

Add support for Tor extended SOCKS errors (Tor proposal 304) to the
socket transport and SOCKS layers. Improved display of all of these
errors will be implemented as part of bug 30025.

Also fixes bug 19757:
 Add a "Remember this key" checkbox to the client auth prompt.

 Add an "Onion Services Authentication" section within the
 about:preferences "Privacy & Security section" to allow
 viewing and removal of v3 onion client auth keys that have
 been stored on disk.

Also fixes bug 19251: use enhanced error pages for onion service errors.

Firefox computes an internal network ID used to detect network changes
and act consequently (e.g., to improve WebSocket UX).
However, there are a few ways to get this internal network ID, so we
patch them out, to be sure any new code will not be able to use them and
possibly link users.

We also sent a patch to Mozilla to seed the internal network ID, to
prevent any accidental leak in the future.
Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1817756

Alex Catarineu authored 5 years ago and Pier Angelo Vendrame committed 1 year ago

More concretely, SearchService.jsm 'hijack-blocklists' and
url-classifier-skip-urls.

Avoid creating instance for 'anti-tracking-url-decoration'.

If prefs are disabling their usage, avoid creating instances for
'cert-revocations' and 'intermediates'.

Do not ship JSON dumps for collections we do not expect to need. For
the ones in the 'main' bucket, this prevents them from being synced
unnecessarily (the code in remote-settings does so for collections
in the main bucket for which a dump or local data exists). For the
collections in the other buckets, we just save some size by not
shipping their dumps.

We also clear the collections database on the v2 -> v3 migration.

Mike Perry authored 10 years ago and Pier Angelo Vendrame committed 1 year ago

The Mozilla bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1046421,
https://bugzilla.mozilla.org/show_bug.cgi?id=1261591, tor-browser#27602

Marco Simonelli authored 2 years ago and Pier Angelo Vendrame committed 1 year ago

- fixes requried to build netwerk/sctp

This helps to prevent linkability of users in the same network.

Differential Revision: https://phabricator.services.mozilla.com/D170373

Bug 1768907 - Part 1: Make browser.privatebrowsing.autostart a static pref. r=handyman,necko-reviewers

Differential Revision: https://phabricator.services.mozilla.com/D157843

Bug 1818394 - make nsHttpTransaction::mCaps and HttpTransactionParent::mCaps atomic. r=necko-reviewers,jesup a=RyanVM

Differential Revision: https://phabricator.services.mozilla.com/D177279

Differential Revision: https://phabricator.services.mozilla.com/D177748

Differential Revision: https://phabricator.services.mozilla.com/D176631

Differential Revision: https://phabricator.services.mozilla.com/D175622

Differential Revision: https://phabricator.services.mozilla.com/D175343

Bug 1815062, move filename and extension validity checks into SanitizeFileName so that they get called after sanitization is complete, r=Gijs,necko-reviewers a=RyanVM

For now, this leaves existing callers of DownloadPaths.sanitize as is using a flag.

Differential Revision: https://phabricator.services.mozilla.com/D174190

Differential Revision: https://phabricator.services.mozilla.com/D170965

Bug 1784348 - improve checks while parsing MIME parameters. r=necko-reviewers,jesup,valentin, a=RyanVM

Differential Revision: https://phabricator.services.mozilla.com/D172110

It needs to be a recursive mutex instead of a regular one in case
`nsStreamLoader::WriteSegmentFun` closes the stream while holding the mutex.

Differential Revision: https://phabricator.services.mozilla.com/D171746

Bug 1818357 - Guard nsBufferedStream::mBuffer with recursive mutex r=necko-reviewers,jesup, a=dsmith

It needs to be a recursive mutex instead of a regular one in case
`nsStreamLoader::WriteSegmentFun` closes the stream while holding the mutex.

Differential Revision: https://phabricator.services.mozilla.com/D171746

Bug 1814217 - Dispatch release of main thread objects in ~nsHttpChannel r=necko-reviewers,jesup, a=dsmith

The patch also adds a diagnostic assert that the objects have actually been released in nsHttpChannel::ReleaseListeners

Differential Revision: https://phabricator.services.mozilla.com/D171717

Differential Revision: https://phabricator.services.mozilla.com/D172999

Differential Revision: https://phabricator.services.mozilla.com/D172400

Differential Revision: https://phabricator.services.mozilla.com/D171454

No Bug, mozilla-esr102 repo-update HSTS HPKP remote-settings tld-suffixes - a=repo-update, r=dmeehan

Differential Revision: https://phabricator.services.mozilla.com/D171068

Bug 1811627 - ThrottleQueue::Available should return max aRemaining r=necko-reviewers,kershaw, a=dmeehan

Differential Revision: https://phabricator.services.mozilla.com/D170361

Differential Revision: https://phabricator.services.mozilla.com/D170086

No Bug, mozilla-esr102 repo-update HSTS HPKP remote-settings tld-suffixes - a=repo-update, r=dmeehan

Differential Revision: https://phabricator.services.mozilla.com/D170738

No Bug, mozilla-esr102 repo-update HSTS HPKP remote-settings tld-suffixes - a=repo-update, r=dmeehan

Differential Revision: https://phabricator.services.mozilla.com/D170052

Differential Revision: https://phabricator.services.mozilla.com/D169637

Differential Revision: https://phabricator.services.mozilla.com/D168444

Differential Revision: https://phabricator.services.mozilla.com/D168657

Differential Revision: https://phabricator.services.mozilla.com/D168241

Previously we'd always read the full stream, but if an aCount lower than
the actual size of the stream is provided, we should only encode that
many bytes.

This patch also improves handling of streams shorter than aCount bytes,
ensuring that the generated string is of the correct length.

Differential Revision: https://phabricator.services.mozilla.com/D166941

Differential Revision: https://phabricator.services.mozilla.com/D165564

Bug 1795697: Update Tsan suppressions for libusrsctp, and add a stack unwind to help avoid reentrancy problems. r=decoder,ng a=RyanVM

Differential Revision: https://phabricator.services.mozilla.com/D159617

Differential Revision: https://phabricator.services.mozilla.com/D159616

Differential Revision: https://phabricator.services.mozilla.com/D164447