Skip to content
Snippets Groups Projects
  1. May 29, 2023
    • Kathleen Brade's avatar
      Bug 13379: Allow using NSS to sign and verify MAR signatures · f31c60fd
      Kathleen Brade authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      Allow using NSS on all platforms for checking MAR signatures (instead
        of using OS-native APIs, the default on Mac OS and Windows).
        So that the NSS and NSPR libraries the updater depends on can be
        found at runtime, we add the firefox directory to the shared library
        search path on macOS.
        On Linux, rpath is used to solve that problem, but that approach
        won't work on macOS because the updater executable is copied during
        the update process to a location that can vary.
      Verified
      f31c60fd
    • Pier Angelo Vendrame's avatar
      Bug 41542: Disable the creation of a default profile · aa2afcee
      Pier Angelo Vendrame authored
      Firefox creates a profile as a fallback for old versions.
      However, we do not need this, so we want to prevent Firefox from
      creating the related directories.
      
      We comment out the code, but should Mozilla be interested in a
      compile-time flag, we could rewrite the patch to add one.
      
      See also https://bugzilla.mozilla.org/show_bug.cgi?id=1770174.
      Verified
      aa2afcee
    • henry's avatar
      Bug 31575: Disable Firefox Home (Activity Stream) · b4f91cf6
      henry authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      Treat about:blank as the default home page and new tab page.
      
      Avoid loading AboutNewTab in BrowserGlue.jsm in order
      to avoid several network requests that we do not need.
      
      Bug 41624: Disable about:pocket-* pages and about:firefoxview.
      
      Bug 40144: Redirect about:privatebrowsing to the user's home
      Verified
      b4f91cf6
    • Pier Angelo Vendrame's avatar
      Bug 41603: Customize the creation of MOZ_SOURCE_URL · 9e447e40
      Pier Angelo Vendrame authored
      MOZ_SOURCE_URL is created by combining MOZ_SOURCE_REPO and
      MOZ_SOURCE_CHANGESET.
      But the code takes for granted that it refers to a Hg instance, so it
      combines them as `$MOZ_SOURCE_REPO/rev/$MOZ_SOURCE_CHANGESET`.
      With this commit, we change this logic to combine them to create a URL
      that is valid for GitLab.
      $MOZ_SOURCE_CHANGESET needs to be a commit hash, not a branch or a tag.
      If that is needed, we could use /-/tree/, instead of /-/commit/.
      Verified
      9e447e40
    • Arthur Edelstein's avatar
      Bug 18905: Hide unwanted items from help menu · 6838297d
      Arthur Edelstein authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      Bug 25660: Remove the "New Private Window" option
      Verified
      6838297d
    • p13dz's avatar
      Bug 40283: Workaround for the file upload bug · e337e776
      p13dz authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      Verified
      e337e776
    • henry's avatar
      Bug 41371: Temporary hack to fix language selector popup position · 6696cf02
      henry authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      Verified
      6696cf02
    • Pier Angelo Vendrame's avatar
      Bug 41369: Improve Firefox language settings for multi-lingual packages · 0e1fcf0b
      Pier Angelo Vendrame authored
      Change the language selector to be sorted by language code, rather than
      name, and to display the language code to the user.
      
      Bug 41372: Handle Japanese as a special case in preferences on macOS
      
      Japanese is treated in a special way on macOS. However, seeing the
      Japanese language tag could be confusing for users, and moreover the
      language name is not localized correctly like other langs.
      
      Bug 41378: Tell users that they can change their language at the first start
      
      With multi-lingual builds, Tor Browser matches the user's system
      language, but some users might want to change it.
      So, we tell them that it is possible, but only once.
      Verified
      0e1fcf0b
    • ma1's avatar
    • ma1's avatar
      Bug 32308: use direct browser sizing for letterboxing. · 2f67626c
      ma1 authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      Verified
      2f67626c
    • ma1's avatar
      Bug 32411: Letterboxing, exempt view-source: URIs. · 2870c4c0
      ma1 authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      Verified
      2870c4c0
    • ma1's avatar
      Bug 31064: Letterboxing, exempt browser extensions. · 1be35a46
      ma1 authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      Verified
      1be35a46
    • ma1's avatar
      Bug 41434: Letterboxing, improve logging. · b78c437c
      ma1 authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      Verified
      b78c437c
    • ma1's avatar
      Bug 41434: Letterboxing, preemptively apply margins in a global CSS rule to... · 88b7c4de
      ma1 authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      Bug 41434: Letterboxing, preemptively apply margins in a global CSS rule to mitigate race conditions on newly created windows and tabs.
      Verified
      88b7c4de
    • Pier Angelo Vendrame's avatar
      Base Browser strings · edbc927b
      Pier Angelo Vendrame authored
      This commit adds all the strings needed by following Base Browser
      patches.
      Verified
      edbc927b
    • Matthew Finkel's avatar
    • Pier Angelo Vendrame's avatar
      Bug 40309: Avoid using regional OS locales · 0b4e5e7e
      Pier Angelo Vendrame authored
      Avoid regional OS locales if the pref
      `intl.regional_prefs.use_os_locales` is false but RFP is enabled.
      Verified
      0b4e5e7e
    • Igor Oliveira's avatar
      Bug 23104: Add a default line height compensation · 0ac9d766
      Igor Oliveira authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      Many fonts have issues with their vertical metrics. they
      are used to influence the height of ascenders and depth
      of descenders. Gecko uses it to calculate the line height
      (font height + ascender + descender), however because of
      that idiosyncratic behavior across multiple operating
      systems, it can be used to identify the user's OS.
      
      The solution proposed in the patch uses a default factor
      to be multiplied with the font size, simulating the concept
      of ascender and descender. This way all operating
      systems will have the same line height only and only if the
      frame is outside the chrome.
      Verified
      0ac9d766
    • Mike Perry's avatar
      Bug 13028: Prevent potential proxy bypass cases. · 1665d110
      Mike Perry authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      It looks like these cases should only be invoked in the NSS command line
      tools, and not the browser, but I decided to patch them anyway because there
      literally is a maze of network function pointers being passed around, and it's
      very hard to tell if some random code might not pass in the proper proxied
      versions of the networking code here by accident.
      
      Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1433509
      Verified
      1665d110
    • Alex Catarineu's avatar
    • Pier Angelo Vendrame's avatar
      Bug 9173: Change the default Firefox profile directory to be relative. · 02a4f59c
      Pier Angelo Vendrame authored
      This commit makes Firefox look for the default profile directory in a
      directory relative to the binary path.
      The directory can be specified through the --with-relative-data-dir.
      This is relative to the same directory as the firefox main binary for
      Linux and Windows.
      
      On macOS, we remove Contents/MacOS from it.
      Or, in other words, the directory is relative to the application
      bundle.
      
      This behavior can be overriden at runtime, by placing a file called
      system-install adjacent to the firefox main binary (also on macOS).
      Verified
      02a4f59c
    • Alex Catarineu's avatar
      Bug 26345: Hide tracking protection UI · a08847ff
      Alex Catarineu authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      Verified
      a08847ff
    • Alex Catarineu's avatar
    • Alex Catarineu's avatar
    • Alex Catarineu's avatar
      Bug 30605: Honor privacy.spoof_english in Android · aae3587d
      Alex Catarineu authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      This checks `privacy.spoof_english` whenever `setLocales` is
      called from Fenix side and sets `intl.accept_languages`
      accordingly.
      
      Bug 40198: Expose privacy.spoof_english pref in GeckoView
      Verified
      aae3587d
    • Pier Angelo Vendrame's avatar
      Bug 41043: Hardcode the UI font on Linux · 97d8a03a
      Pier Angelo Vendrame authored
      The mechanism to choose the UI font does not play well with our
      fontconfig configuration. As a result, the final criterion to choose
      the font for the UI was its version.
      
      Since we hardcode Arimo as a default sans-serif on preferences, we use
      it also for the UI. FontConfig will fall back to some other font for
      scripts Arimo does not cover as expected (we tested with Japanese).
      Verified
      97d8a03a
    • Richard Pospesel's avatar
      Verified
      f786bce7
    • Pier Angelo Vendrame's avatar
      fixup! Firefox preference overrides. · be473441
      Pier Angelo Vendrame authored
      Bug 41732: Use font.system.whitelist also on Linux as a defense-in-depth
      Verified
      be473441
    • ma1's avatar
      fixup! Firefox preference overrides. · 26280171
      ma1 authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      Verified
      26280171
    • Mike Perry's avatar
      Firefox preference overrides. · 7d2822e9
      Mike Perry authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      This hack directly includes our preference changes in omni.ja.
      
      Bug 18292: Staged updates fail on Windows
      
      Temporarily disable staged updates on Windows.
      
      Bug 18297: Use separate Noto JP,KR,SC,TC fonts
      
      Bug 23404: Add Noto Sans Buginese to the macOS whitelist
      
      Bug 23745: Set dom.indexedDB.enabled = true
      
      Bug 13575: Disable randomised Firefox HTTP cache decay user tests.
      (Fernando Fernandez Mancera <ffmancera@riseup.net>)
      
      Bug 17252: Enable session identifiers with FPI
      
      Session tickets and session identifiers were isolated
      by OriginAttributes, so we can re-enable them by
      allowing the default value (true) of
      "security.ssl.disable_session_identifiers".
      
      The pref "security.enable_tls_session_tickets" is obsolete
      (removed in https://bugzilla.mozilla.org/917049)
      
      Bug 14952: Enable http/2 and AltSvc
      
      In Firefox, SPDY/HTTP2 now uses Origin Attributes for
      isolation of connections, push streams, origin frames, etc.
      That means we get first-party isolation provided
      "privacy.firstparty.isolate" is true. So in this patch, we
      stop overriding "network.http.spdy.enabled" and
      "network.http.spdy.enabled.http2".
      
      Alternate Services also use Origin Attributes for isolation.
      So we stop overriding
      "network.http.altsvc.enabled" and "network.http.altsvc.oe"
      as well.
      
      (All 4 of the abovementioned "network.http.*" prefs adopt
      Firefox 60ESR's default value of true.)
      
      However, we want to disable HTTP/2 push for now, so we
      set "network.http.spdy.allow-push" to false.
      
      "network.http.spdy.enabled.http2draft" was removed in Bug 1132357.
      "network.http.sped.enabled.v2" was removed in Bug 912550.
      "network.http.sped.enabled.v3" was removed in Bug 1097944.
      "network.http.sped.enabled.v3-1" was removed in Bug 1248197.
      
      Bug 26114: addons.mozilla.org is not special
      * Don't expose navigator.mozAddonManager on any site
      * Don't block NoScript from modifying addons.mozilla.org or other sites
      
      Enable ReaderView mode again (#27281).
      
      Bug 29916: Make sure enterprise policies are disabled
      
      Bug 2874: Block Components.interfaces from content
      
      Bug 26146: Spoof HTTP User-Agent header for desktop platforms
      
      In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent
      header and to JavaScript code via navigator.userAgent. To avoid
      leaking the OS inside each HTTP request (which many web servers
      log), always use the Windows 7 OS value in the desktop User-Agent
      header. We continue to allow access to the actual OS via JavaScript,
      since doing so improves compatibility with web applications such
      as GitHub and Google Docs.
      
      Bug 12885: Windows Jump Lists fail for Tor Browser
      
      Jumplist entries are stored in a binary file in:
        %APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\
      and has a name in the form
        [a-f0-9]+.customDestinations-ms
      
      The hex at the front is unique per app, and is ultimately derived from
      something called the 'App User Model ID' (AUMID) via some unknown
      hashing method. The AUMID is provided as a key when programmatically
      creating, updating, and deleting a jumplist. The default behaviour in
      firefox is for the installer to define an AUMID for an app, and save it
      in the registry so that the jumplist data can be removed by the
      uninstaller.
      
      However, the Tor Browser does not set this (or any other) regkey during
      installation, so this codepath fails and the app's AUMID is left
      undefined. As a result the app's AUMID ends up being defined by
      windows, but unknowable by Tor Browser. This unknown AUMID is used to
      create and modify the jumplist, but the delete API requires that we
      provide the app's AUMID explicitly. Since we don't know what the AUMID
      is (since the expected regkey where it is normally stored does not
      exist) jumplist deletion will fail and we will leave behind a mostly
      empty customDestinations-ms file. The name of the file is derived from
      the binary path, so an enterprising person could reverse engineer how
      that hex name is calculated, and generate the name for Tor Browser's
      default Desktop installation path to determine whether a person had
      used Tor Browser in the past.
      
      The 'taskbar.grouping.useprofile' option that is enabled by this patch
      works around this AUMID problem by having firefox.exe create it's own
      AUMID based on the profile path (rather than looking for a regkey). This
      way, if a user goes in and enables and disables jumplist entries, the
      backing store is properly deleted.
      
      Unfortunately, all windows users currently have this file lurking in
      the above mentioned directory and this patch will not remove it since it
      was created with an unknown AUMID. However, another patch could be
      written which goes to that directory and deletes any item containing the
      'Tor Browser' string.  See bug 28996.
      
      Bug 30845: Make sure default themes and other internal extensions are enabled
      
      Bug 28896: Enable extensions in private browsing by default
      
      Bug 31065: Explicitly allow proxying localhost
      
      Bug 31598: Enable letterboxing
      
      Disable Presentation API everywhere
      
      Bug 21549 - Use Firefox's WASM default pref. It is disabled at safer
      security levels.
      
      Bug 32321: Disable Mozilla's MitM pings
      
      Bug 19890: Disable installation of system addons
      
      By setting the URL to "" we make sure that already installed system
      addons get deleted as well.
      
      Bug 22548: Firefox downgrades VP9 videos to VP8.
      
      On systems where H.264 is not available or no HWA, VP9 is preferred. But in Tor
      Browser 7.0 all youtube videos are degraded to VP8.
      
      This behaviour can be turned off by setting media.benchmark.vp9.threshold to 0.
      All clients will get better experience and lower traffic, beause TBB doesn't
      use "Use hardware acceleration when available".
      
      Bug 25741 - TBA: Add mobile-override of 000-tor-browser prefs
      
      Bug 16441: Suppress "Reset Tor Browser" prompt.
      
      Bug 29120: Use the in-memory media cache and increase its maximum size.
      
      Bug 33697: use old search config based on list.json
      
      Bug 33855: Ensure that site-specific browser mode is disabled.
      
      Bug 30682: Disable Intermediate CA Preloading.
      
      Bug 40061: Omit the Windows default browser agent from the build
      
      Bug 40322: Consider disabling network.connectivity-service.enabled
      
      Bug 40408: Disallow SVG Context Paint in all web content
      
      Bug 40308: Disable network partitioning until we evaluate dFPI
      
      Bug 40322: Consider disabling network.connectivity-service.enabled
      
      Bug 40383: Disable dom.enable_event_timing
      
      Bug 40423: Disable http/3
      
      Bug 40177: Update prefs for Fx91esr
      
      Bug 40700: Disable addons and features recommendations
      
      Bug 40682: Disable network.proxy.allow_bypass
      
      Bug 40736: Disable third-party cookies in PBM
      
      Bug 19850: Enabled HTTPS-Only by default
      
      Bug 40912: Hide the screenshot menu
      
      Bug 41292: Disable moreFromMozilla in preferences page
      
      Bug 40057: Ensure the CSS4 system colors are not a fingerprinting vector
      
      Bug 24686: Set network.http.tailing.enabled to true
      
      Bug 40183: Disable TLS ciphersuites using SHA-1
      
      Bug 40783: Review 000-tor-browser.js and 001-base-profile.js for 102
      
      We reviewed all the preferences we set for 102, and remove a few old
      ones. See the description of that issue to see all the preferences we
      believed were still valid for 102, and some brief description for the
      reasons to keep them.
      Verified
      7d2822e9
    • Pier Angelo Vendrame's avatar
      Bug 41599: Always return an empty string as network ID · 4689f713
      Pier Angelo Vendrame authored
      Firefox computes an internal network ID used to detect network changes
      and act consequently (e.g., to improve WebSocket UX).
      However, there are a few ways to get this internal network ID, so we
      patch them out, to be sure any new code will not be able to use them and
      possibly link users.
      
      We also sent a patch to Mozilla to seed the internal network ID, to
      prevent any accidental leak in the future.
      Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1817756
      Verified
      4689f713
    • Pier Angelo Vendrame's avatar
      Bug 40788: Prevent nsIURLQueryStrippingListService from calling home when it is not enabled. · b05f4a1d
      Pier Angelo Vendrame authored
      The URL query stripping service is enabled only in nightly builds,
      still it is initialized and remote settings are downloaded.
      This adds a condition that prevents the service from being initialized
      if disabled.
      
      Upstream Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1812594
      We should remove this patch if Mozilla decides that this is a problem
      also for them, or if they do not but we decide to use the feature.
      Verified
      b05f4a1d
    • cypherpunks1's avatar
      Bug 40717: Hide Windows SSO in settings · 9236921c
      cypherpunks1 authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      Verified
      9236921c
    • cypherpunks1's avatar
      Bug 41568: Disable LaterRun · 9e42a9b3
      cypherpunks1 authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      Verified
      9e42a9b3
    • cypherpunks1's avatar
      Verified
      f71ff97f
    • Alex Catarineu's avatar
      Bug 28369: Stop shipping pingsender executable · cbe86b42
      Alex Catarineu authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      Verified
      cbe86b42
    • Georg Koppen's avatar
    • Pier Angelo Vendrame's avatar
      Bug 41635: Disable the Normandy component · 871e5e7c
      Pier Angelo Vendrame authored
      Do not include Normandy at all whenever MOZ_NORMANDY is False.
      Verified
      871e5e7c
    • Alex Catarineu's avatar
      Bug 31740: Remove some unnecessary RemoteSettings instances · f916d5b2
      Alex Catarineu authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      More concretely, SearchService.jsm 'hijack-blocklists' and
      url-classifier-skip-urls.
      
      Avoid creating instance for 'anti-tracking-url-decoration'.
      
      If prefs are disabling their usage, avoid creating instances for
      'cert-revocations' and 'intermediates'.
      
      Do not ship JSON dumps for collections we do not expect to need. For
      the ones in the 'main' bucket, this prevents them from being synced
      unnecessarily (the code in remote-settings does so for collections
      in the main bucket for which a dump or local data exists). For the
      collections in the other buckets, we just save some size by not
      shipping their dumps.
      
      We also clear the collections database on the v2 -> v3 migration.
      Verified
      f916d5b2
    • Arthur Edelstein's avatar
      Bug 26353: Prevent speculative connect that violated FPI. · 5dc05a02
      Arthur Edelstein authored and Pier Angelo Vendrame's avatar Pier Angelo Vendrame committed
      Connections were observed in the catch-all circuit when
      the user entered an https or http URL in the URL bar, or
      typed a search term.
      Verified
      5dc05a02
Loading