browser/app/profile/firefox.js

@@ -50,9 +50,9 @@ pref("extensions.recommendations.themeRecommendationUrl", "https://color.firefox
 
 pref("extensions.update.autoUpdateDefault", true);
 
-// Check AUS for system add-on updates.
-pref("extensions.systemAddon.update.url", "https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VERSION%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/update.xml");
-pref("extensions.systemAddon.update.enabled", true);
+// No AUS check for system add-on updates for Tor Browser users.
+pref("extensions.systemAddon.update.url", "");
+pref("extensions.systemAddon.update.enabled", false);
 
 // Disable add-ons that are not installed by the user in all scopes by default.
 // See the SCOPE constants in AddonManager.jsm for values to use here.
@@ -139,7 +139,6 @@ pref("app.update.elevation.promptMaxAttempts", 2);
 // an update is being downloaded.
 pref("app.update.notifyDuringDownload", false);
 
-// If set to true, the Update Service will automatically download updates if the
 // user can apply updates. This pref is no longer used on Windows, except as the
 // default value to migrate to the new location that this data is now stored
 // (which is in a file in the update directory). Because of this, this pref
@@ -1800,13 +1799,8 @@ pref("browser.ping-centre.log", false);
 // Enable GMP support in the addon manager.
 pref("media.gmp-provider.enabled", true);
 
-#ifdef NIGHTLY_BUILD
-// Enable Dynamic First-Party Isolation in Nightly.
+// Enable Dynamic First-Party Isolation by default.
 pref("network.cookie.cookieBehavior", 5 /* BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN */);
-#else
-// Enable blocking access to storage from tracking resources by default.
-pref("network.cookie.cookieBehavior", 4 /* BEHAVIOR_REJECT_TRACKER */);
-#endif
 
 // Whether to show the section in preferences which allows users to opt-in to
 // Total Cookie Protection (dFPI) in standard mode.
@@ -1884,7 +1878,7 @@ pref("browser.contentblocking.reject-and-isolate-cookies.preferences.ui.enabled"
 //     "cookieBehaviorPBM4": cookie behaviour BEHAVIOR_REJECT_TRACKER
 //     "cookieBehaviorPBM5": cookie behaviour BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN
 // One value from each section must be included in the browser.contentblocking.features.strict pref.
-pref("browser.contentblocking.features.strict", "tp,tpPrivate,cookieBehavior5,cookieBehaviorPBM5,cm,fp,stp,lvl2,rp,rpTop,ocsp,qps");
+pref("browser.contentblocking.features.strict", "tp,tpPrivate,cm,fp,stp,lvl2,rp,rpTop,ocsp,qps");
 
 // Hide the "Change Block List" link for trackers/tracking content in the custom
 // Content Blocking/ETP panel. By default, it will not be visible. There is also
@@ -1897,8 +1891,9 @@ pref("browser.contentblocking.reportBreakage.url", "https://tracking-protection-
 // Enable Protections report's Lockwise card by default.
 pref("browser.contentblocking.report.lockwise.enabled", true);
 
-// Enable Protections report's Monitor card by default.
-pref("browser.contentblocking.report.monitor.enabled", true);
+// Disable rotections report's Monitor card by default. The new Monitor API does
+// not support this feature as of now. See Bug 1815751.
+pref("browser.contentblocking.report.monitor.enabled", false);
 
 // Disable Protections report's Proxy card by default.
 pref("browser.contentblocking.report.proxy.enabled", false);

browser/base/content/aboutDialog-appUpdater.js

@@ -174,7 +174,7 @@ appUpdater.prototype = {
       if (aChildID == "downloadAndInstall") {
         let updateVersion = gAppUpdater.update.displayVersion;
         // Include the build ID if this is an "a#" (nightly or aurora) build
-        if (/a\d+$/.test(updateVersion)) {
+        if (!AppConstants.BASE_BROWSER_UPDATE && /a\d+$/.test(updateVersion)) {
           let buildID = gAppUpdater.update.buildID;
           let year = buildID.slice(0, 4);
           let month = buildID.slice(4, 6);

browser/base/content/aboutDialog.js

@@ -54,15 +54,15 @@ async function init(aEvent) {
     bits: Services.appinfo.is64Bit ? 64 : 32,
   };
 
+  // Adjust version text to show the Tor Browser version
+  versionAttributes.version =
+    AppConstants.BASE_BROWSER_VERSION +
+    " (based on Mozilla Firefox " +
+    AppConstants.MOZ_APP_VERSION_DISPLAY +
+    ")";
+
   let version = Services.appinfo.version;
   if (/a\d+$/.test(version)) {
-    versionId = "aboutDialog-version-nightly";
-    let buildID = Services.appinfo.appBuildID;
-    let year = buildID.slice(0, 4);
-    let month = buildID.slice(4, 6);
-    let day = buildID.slice(6, 8);
-    versionAttributes.isodate = `${year}-${month}-${day}`;
-
     document.getElementById("experimental").hidden = false;
     document.getElementById("communityDesc").hidden = true;
   }

browser/base/content/appmenu-viewcache.inc.xhtml

@@ -55,7 +55,12 @@
                      class="subviewbutton"
                      data-l10n-id="appmenuitem-new-private-window"
                      key="key_privatebrowsing"
-                     command="Tools:PrivateBrowsing"/>
+                     command="Tools:PrivateBrowsing"
+                     hidden="true"/>
+      <toolbarseparator/>
+      <toolbarbutton id="appMenu-new-identity"
+                     class="subviewbutton"
+                     key="new-identity-key"/>
       <toolbarseparator/>
       <toolbarbutton id="appMenu-bookmarks-button"
                      class="subviewbutton subviewbutton-nav"
@@ -175,7 +180,8 @@
       <toolbarbutton id="appMenu-restoreSession"
                      data-l10n-id="appmenu-restore-session"
                      class="subviewbutton"
-                     command="Browser:RestoreLastSession"/>
+                     command="Browser:RestoreLastSession"
+                     hidden="true"/>
       <toolbarseparator/>
       <toolbarbutton id="appMenuClearRecentHistory"
                      data-l10n-id="appmenu-clear-history"

browser/base/content/browser-allTabsMenu.js

@@ -139,6 +139,12 @@ var gTabsPanel = {
   },
 
   showAllTabsPanel(event) {
+    // Note that event may be null.
+
+    // Only space and enter should open the popup, ignore other keypresses:
+    if (event?.type == "keypress" && event.key != "Enter" && event.key != " ") {
+      return;
+    }
     this.init();
     if (this.canOpen) {
       PanelUI.showSubView(

browser/base/content/browser-context.inc

@@ -351,7 +351,7 @@
           <menuitem id="context-take-frame-screenshot"
                     data-l10n-id="main-context-menu-take-frame-screenshot"
                     oncommand="gContextMenu.takeScreenshot();"/>
-          <menuseparator/>
+          <menuseparator id="context-sep-frame-screenshot"/>
           <menuitem id="context-viewframesource"
                     data-l10n-id="main-context-menu-frame-view-source"
                     oncommand="gContextMenu.viewFrameSource();"/>

browser/base/content/browser-menubar.inc

@@ -28,6 +28,10 @@
                 <menuitem id="menu_newPrivateWindow"
                           command="Tools:PrivateBrowsing"
                           key="key_privatebrowsing" data-l10n-id="menu-file-new-private-window"/>
+                <menuseparator/>
+                <menuitem id="menu_newIdentity"
+                          key="new-identity-key"/>
+                <menuseparator/>
                 <menuitem id="menu_openLocation"
                           hidden="true"
                           command="Browser:OpenLocation"
@@ -48,7 +52,8 @@
                 <menuitem id="menu_savePage"
                           key="key_savePage"
                           command="Browser:SavePage" data-l10n-id="menu-file-save-page"/>
-#ifndef XP_MACOSX
+# bug 41117 - don't allow sharing as there is a proxy bypass theoretical risk, so restore send link in that case
+#if !defined(XP_MACOSX) || defined(MOZ_PROXY_BYPASS_PROTECTION)
                 <menuitem id="menu_sendLink"
                           command="Browser:SendLink" data-l10n-id="menu-file-email-link"/>
 #endif
@@ -453,6 +458,7 @@
      have their strings defined by appmenu-data-l10n-id. -->
                 <menuitem id="menu_openHelp"
                           oncommand="openHelpLink('firefox-help')"
+                          hidden="true"
                           data-l10n-id="menu-get-help"
                           appmenu-data-l10n-id="appmenu-get-help"
 #ifdef XP_MACOSX
@@ -462,14 +468,17 @@
 #endif
                 <menuitem id="feedbackPage"
                           oncommand="openFeedbackPage()"
+                          hidden="true"
                           data-l10n-id="menu-help-share-ideas"
                           appmenu-data-l10n-id="appmenu-help-share-ideas"/>
                 <menuitem id="helpSafeMode"
                           oncommand="safeModeRestart();"
+                          hidden="true"
                           data-l10n-id="menu-help-enter-troubleshoot-mode2"
                           appmenu-data-l10n-id="appmenu-help-enter-troubleshoot-mode2"/>
                 <menuitem id="troubleShooting"
                           oncommand="openTroubleshootingPage()"
+                          hidden="true"
                           data-l10n-id="menu-help-more-troubleshooting-info"
                           appmenu-data-l10n-id="appmenu-help-more-troubleshooting-info"/>
                 <menuitem id="help_reportSiteIssue"

browser/base/content/browser-safebrowsing.js

@@ -7,6 +7,13 @@
 
 var gSafeBrowsing = {
   setReportPhishingMenu() {
+    // tor-browser#18905: hide these menu entries
+    if (
+      !Services.prefs.getBoolPref("browser.safebrowsing.phishing.enabled", true)
+    ) {
+      return;
+    }
+
     // In order to detect whether or not we're at the phishing warning
     // page, we have to check the documentURI instead of the currentURI.
     // This is because when the DocShell loads an error page, the

browser/base/content/browser-sets.inc

@@ -388,4 +388,5 @@
          modifiers="accel,alt"
          internal="true"/>
 #endif
+    <key id="new-identity-key" modifiers="accel shift" key="U" oncommand="NewIdentityButton.onCommand(event)"/>
   </keyset>

browser/base/content/browser-siteIdentity.js

@@ -898,10 +898,10 @@ var gIdentityHandler = {
       gPermissionPanel.refreshPermissionIcons();
     }
 
-    // Hide the shield icon if it is a chrome page.
+    // Bug 26345: Hide tracking protection UI.
     gProtectionsHandler._trackingProtectionIconContainer.classList.toggle(
       "chromeUI",
-      this._isSecureInternalUI
+      true
     );
   },
 

browser/base/content/browser.css

@@ -98,6 +98,29 @@ body {
   -moz-window-dragging: drag;
 }
 
+/**
+  Never modify the following selector without synchronizing
+  LETTERBOX_CSS_SELECTOR in RFPHelper.jsm!
+**/
+.letterboxing .browserStack:not(.exclude-letterboxing) > browser {
+  /* width & height to be dynamically set by RFPHelper.jsm */
+  outline: 1px solid var(--chrome-content-separator-color);
+}
+
+.exclude-letterboxing > browser {
+  outline: initial;
+}
+
+:root:not([inDOMFullscreen]) .letterboxing.letterboxing-ready .browserStack:not(.exclude-letterboxing) {
+  place-content: start center;
+}
+
+/* extend down the toolbar's colors when letterboxing is enabled */
+.letterboxing {
+  background-color: var(--toolbar-bgcolor);
+  background-image: var(--toolbar-bgimage);
+}
+
 #toolbar-menubar[autohide="true"] {
   overflow: hidden;
 }

browser/base/content/browser.js

@@ -67,7 +67,6 @@ XPCOMUtils.defineLazyModuleGetters(this, {
   RFPHelper: "resource://gre/modules/RFPHelper.jsm",
   SafeBrowsing: "resource://gre/modules/SafeBrowsing.jsm",
   Sanitizer: "resource:///modules/Sanitizer.jsm",
-  SaveToPocket: "chrome://pocket/content/SaveToPocket.jsm",
   ScreenshotsUtils: "resource:///modules/ScreenshotsUtils.jsm",
   SessionStartup: "resource:///modules/sessionstore/SessionStartup.jsm",
   SessionStore: "resource:///modules/sessionstore/SessionStore.jsm",
@@ -223,6 +222,16 @@ XPCOMUtils.defineLazyScriptGetter(
   ["DownloadsButton", "DownloadsIndicatorView"],
   "chrome://browser/content/downloads/indicator.js"
 );
+XPCOMUtils.defineLazyScriptGetter(
+  this,
+  ["SecurityLevelButton"],
+  "chrome://browser/content/securitylevel/securityLevel.js"
+);
+XPCOMUtils.defineLazyScriptGetter(
+  this,
+  ["NewIdentityButton"],
+  "chrome://browser/content/newidentity.js"
+);
 XPCOMUtils.defineLazyScriptGetter(
   this,
   "gEditItemOverlay",
@@ -1772,6 +1781,12 @@ var gBrowserInit = {
     // doesn't flicker as the window is being shown.
     DownloadsButton.init();
 
+    // Init the SecuritySettingsButton
+    SecurityLevelButton.init();
+
+    // Init the NewIdentityButton
+    NewIdentityButton.init();
+
     // Certain kinds of automigration rely on this notification to complete
     // their tasks BEFORE the browser window is shown. SessionStore uses it to
     // restore tabs into windows AFTER important parts like gMultiProcessBrowser
@@ -2492,6 +2507,10 @@ var gBrowserInit = {
 
     DownloadsButton.uninit();
 
+    SecurityLevelButton.uninit();
+
+    NewIdentityButton.uninit();
+
     gAccessibilityServiceIndicator.uninit();
 
     if (gToolbarKeyNavEnabled) {
@@ -4807,6 +4826,10 @@ let gShareUtils = {
    * Updates a sharing item in a given menu, creating it if necessary.
    */
   updateShareURLMenuItem(browser, insertAfterEl) {
+    if (!Services.prefs.getBoolPref("browser.share_menu.allow", false)) {
+      return false;
+    }
+
     // We only support "share URL" on macOS and on Windows 10:
     if (
       AppConstants.platform != "macosx" &&
@@ -5418,8 +5441,6 @@ var XULBrowserWindow = {
 
     SafeBrowsingNotificationBox.onLocationChange(aLocationURI);
 
-    SaveToPocket.onLocationChange(window);
-
     UrlbarProviderSearchTips.onLocationChange(
       window,
       aLocationURI,
@@ -5980,6 +6001,7 @@ var TabsProgressListener = {
   onStateChange(aBrowser, aWebProgress, aRequest, aStateFlags, aStatus) {
     // Collect telemetry data about tab load times.
     if (
+      AppConstants.MOZ_TELEMETRY_REPORTING &&
       aWebProgress.isTopLevel &&
       (!aRequest.originalURI || aRequest.originalURI.scheme != "about")
     ) {
@@ -7128,6 +7150,7 @@ function handleLinkClick(event, href, linkNode) {
   if (where == "save") {
     saveURL(
       href,
+      null,
       linkNode ? gatherTextUnder(linkNode) : "",
       null,
       true,

browser/base/content/browser.xhtml

@@ -20,6 +20,8 @@
 <?xml-stylesheet href="chrome://browser/content/browser.css" type="text/css"?>
 <?xml-stylesheet href="chrome://browser/content/tabbrowser.css" type="text/css"?>
 <?xml-stylesheet href="chrome://browser/content/downloads/downloads.css" type="text/css"?>
+<?xml-stylesheet href="chrome://browser/content/securitylevel/securityLevelPanel.css"?>
+<?xml-stylesheet href="chrome://browser/content/securitylevel/securityLevelButton.css"?>
 <?xml-stylesheet href="chrome://browser/content/places/places.css" type="text/css"?>
 <?xml-stylesheet href="chrome://browser/content/usercontext/usercontext.css" type="text/css"?>
 <?xml-stylesheet href="chrome://browser/skin/" type="text/css"?>
@@ -85,6 +87,7 @@
 #ifdef NIGHTLY_BUILD
   <link rel="localization" href="preview/firefoxView.ftl"/>
 #endif
+  <link rel="localization" href="browser/languageNotification.ftl"/>
 
   <title data-l10n-id="browser-main-window-title"></title>
 
@@ -112,6 +115,7 @@
   Services.scriptloader.loadSubScript("chrome://browser/content/places/places-menupopup.js", this);
   Services.scriptloader.loadSubScript("chrome://browser/content/search/autocomplete-popup.js", this);
   Services.scriptloader.loadSubScript("chrome://browser/content/search/searchbar.js", this);
+  Services.scriptloader.loadSubScript("chrome://browser/content/languageNotification.js", this);
 
   window.onload = gBrowserInit.onLoad.bind(gBrowserInit);
   window.onunload = gBrowserInit.onUnload.bind(gBrowserInit);
@@ -142,10 +146,7 @@
   <html:template id="window-modal-dialog-template">
     <vbox class="dialogTemplate dialogOverlay" align="center" topmost="true">
       <hbox class="dialogBox">
-        <browser class="dialogFrame"
-                 autoscroll="false"
-                 selectmenulist="ContentSelectDropdown"
-                 disablehistory="true"/>
+        <browser class="dialogFrame" autoscroll="false" disablehistory="true"/>
       </hbox>
     </vbox>
   </html:template>

browser/base/content/certerror/aboutNetError.js

@@ -153,18 +153,16 @@ function setupAdvancedButton() {
     .addEventListener("click", togglePanelVisibility);
 
   function togglePanelVisibility() {
-    panel.hidden = !panel.hidden;
-    if (gIsCertError) {
-      // Toggling the advanced panel must ensure that the debugging
-      // information panel is hidden as well, since it's opened by the
-      // error code link in the advanced panel.
-      toggleCertErrorDebugInfoVisibility(false);
-    }
+    if (panel.hidden) {
+      // Reveal
+      revealAdvancedPanelSlowlyAsync();
 
-    if (panel.style.display == "block") {
       // send event to trigger telemetry ping
       var event = new CustomEvent("AboutNetErrorUIExpanded", { bubbles: true });
       document.dispatchEvent(event);
+    } else {
+      // Hide
+      panel.hidden = true;
     }
   }
 
@@ -173,12 +171,61 @@ function setupAdvancedButton() {
   }
 
   if (getCSSClass() == "expertBadCert") {
-    panel.hidden = false;
+    revealAdvancedPanelSlowlyAsync();
   }
 
   disallowCertOverridesIfNeeded();
 }
 
+async function revealAdvancedPanelSlowlyAsync() {
+  const badCertAdvancedPanel = document.getElementById("badCertAdvancedPanel");
+  const exceptionDialogButton = document.getElementById(
+    "exceptionDialogButton"
+  );
+
+  // Toggling the advanced panel must ensure that the debugging
+  // information panel is hidden as well, since it's opened by the
+  // error code link in the advanced panel.
+  toggleCertErrorDebugInfoVisibility(false);
+
+  // Reveal, but disabled (and grayed-out) for 3.0s.
+  badCertAdvancedPanel.hidden = false;
+  exceptionDialogButton.disabled = true;
+
+  // -
+
+  if (exceptionDialogButton.resetReveal) {
+    exceptionDialogButton.resetReveal(); // Reset if previous is pending.
+  }
+  let wasReset = false;
+  exceptionDialogButton.resetReveal = () => {
+    wasReset = true;
+  };
+
+  // Wait for 10 frames to ensure that the warning text is rendered
+  // and gets all the way to the screen for the user to read it.
+  // This is only ~0.160s at 60Hz, so it's not too much extra time that we're
+  // taking to ensure that we're caught up with rendering, on top of the
+  // (by default) whole second(s) we're going to wait based on the
+  // security.dialog_enable_delay pref.
+  // The catching-up to rendering is the important part, not the
+  // N-frame-delay here.
+  for (let i = 0; i < 10; i++) {
+    await new Promise(requestAnimationFrame);
+  }
+
+  // Wait another Nms (default: 1000) for the user to be very sure. (Sorry speed readers!)
+  const securityDelayMs = RPMGetIntPref("security.dialog_enable_delay", 1000);
+  await new Promise(go => setTimeout(go, securityDelayMs));
+
+  if (wasReset) {
+    return;
+  }
+
+  // Enable and un-gray-out.
+  exceptionDialogButton.disabled = false;
+}
+
 function disallowCertOverridesIfNeeded() {
   var cssClass = getCSSClass();
   // Disallow overrides if this is a Strict-Transport-Security
@@ -973,7 +1020,6 @@ async function setTechnicalDetailsOnCertError(
   }
 
   let cssClass = getCSSClass();
-  let error = gErrorCode;
 
   let hostString = HOST_NAME;
   let port = document.location.port;
@@ -1084,14 +1130,10 @@ async function setTechnicalDetailsOnCertError(
         // If we set a link, meaning there's something helpful for
         // the user here, expand the section by default
         if (href && cssClass != "expertBadCert") {
-          document.getElementById("badCertAdvancedPanel").style.display =
-            "block";
-          if (error == "nssBadCert") {
-            // Toggling the advanced panel must ensure that the debugging
-            // information panel is hidden as well, since it's opened by the
-            // error code link in the advanced panel.
-            toggleCertErrorDebugInfoVisibility(false);
-          }
+          // Previously, this would cause AboutNetErrorUIExpanded to send to
+          // telemetry, but we probably don't want to do that when
+          // auto-revealing.
+          revealAdvancedPanelSlowlyAsync();
         }
 
         // Set the link if we want it.

browser/base/content/languageNotification.js

+"use strict";
+
+// Show a prompt to suggest to the user that they can change the UI language.
+// Show it only the first time, and then do not show it anymore
+window.addEventListener("load", async () => {
+  const PREF_NAME = "intl.language_notification.shown";
+
+  if (Services.prefs.getBoolPref(PREF_NAME, false)) {
+    return;
+  }
+
+  // Already customized, we do not suggest to change it again...
+  if (Services.prefs.getCharPref("intl.locale.requested", "") !== "") {
+    // ... and we never show the notification, either
+    Services.prefs.setBoolPref(PREF_NAME, true);
+    return;
+  }
+
+  // In sync with our changes on browser/components/preferences/main.js for
+  // tor-browser#41369 and tor-browser#41372.
+  const code =
+    Services.locale.appLocaleAsBCP47 === "ja-JP-macos"
+      ? "ja"
+      : Services.locale.appLocaleAsBCP47;
+  const language = Services.intl
+    .getLocaleDisplayNames(undefined, [code], { preferNative: true })[0]
+    .replace(/\s*\(.+\)$/g, "");
+
+  // We want to determine whether the current locale was chosen based on the
+  // system locales, in which case langauge negotiation returns a match, or
+  // whether it simply defaulted to en-US.
+  const matchingSystem = !!Services.locale.negotiateLanguages(
+    // Since intl.locale.requested is empty, we expect requestedLocales to match
+    // the user's system locales.
+    Services.locale.requestedLocales,
+    Services.locale.availableLocales
+  ).length;
+  const label = await document.l10n.formatValue(
+    matchingSystem
+      ? "language-notification-label-system"
+      : "language-notification-label",
+    { language }
+  );
+
+  const buttons = [
+    {
+      "l10n-id": "language-notification-button",
+      callback() {
+        openPreferences("general-language");
+      },
+    },
+  ];
+
+  gNotificationBox.appendNotification(
+    "language-notification",
+    {
+      label,
+      priority: gNotificationBox.PRIORITY_INFO_HIGH,
+    },
+    buttons
+  );
+
+  // We do not wait for the user to either click on the button or dismiss the
+  // notification: after we have shown it once, we take for granted that the
+  // user has seen it and we never show it again.
+  Services.prefs.setBoolPref(PREF_NAME, true);
+});

browser/base/content/main-popupset.inc.xhtml

@@ -150,21 +150,6 @@
     </panel>
   </html:template>
 
-  <!-- for select dropdowns. The menupopup is what shows the list of options,
-       and the popuponly menulist makes things like the menuactive attributes
-       work correctly on the menupopup. ContentSelectDropdown expects the
-       popuponly menulist to be its immediate parent. -->
-  <menulist popuponly="true" id="ContentSelectDropdown" hidden="true">
-    <menupopup rolluponmousewheel="true"
-               id="ContentSelectDropdownPopup"
-               activateontab="true" position="after_start"
-               level="parent"
-#ifdef XP_WIN
-               consumeoutsideclicks="false" ignorekeys="shortcuts"
-#endif
-      />
-  </menulist>
-
   <html:template id="printPreviewStackTemplate">
     <stack class="previewStack" rendering="true" flex="1" previewtype="primary">
       <vbox class="previewRendering" flex="1">
@@ -292,7 +277,6 @@
       <vbox class="dialogTemplate dialogOverlay" align="center" topmost="true" hidden="true">
         <hbox class="dialogBox">
           <browser class="dialogFrame"
-                   selectmenulist="ContentSelectDropdown"
                    autoscroll="false"
                    disablehistory="true"/>
         </hbox>
@@ -550,6 +534,7 @@
 #include ../../components/controlcenter/content/protectionsPanel.inc.xhtml
 #include ../../components/downloads/content/downloadsPanel.inc.xhtml
 #include ../../../devtools/startup/enableDevToolsPopup.inc.xhtml
+#include ../../components/securitylevel/content/securityLevelPanel.inc.xhtml
 #include browser-allTabsMenu.inc.xhtml
 
   <tooltip id="dynamic-shortcut-tooltip"

browser/base/content/navigator-toolbox.inc.xhtml

@@ -80,6 +80,7 @@
           <toolbarbutton id="alltabs-button"
                          class="toolbarbutton-1 chromeclass-toolbar-additional tabs-alltabs-button"
                          badged="true"
+                         onkeypress="gTabsPanel.showAllTabsPanel(event);"
                          onmousedown="gTabsPanel.showAllTabsPanel(event);"
                          data-l10n-id="tabs-toolbar-list-all-tabs"
                          removable="false"/>
@@ -404,6 +405,8 @@
         </box>
       </toolbarbutton>
 
+#include ../../components/securitylevel/content/securityLevelButton.inc.xhtml
+
       <toolbarbutton id="fxa-toolbar-menu-button" class="toolbarbutton-1 chromeclass-toolbar-additional subviewbutton-nav"
                      badged="true"
                      onmousedown="gSync.toggleAccountPanel(this, event)"
@@ -534,6 +537,8 @@
                    ondragover="newWindowButtonObserver.onDragOver(event)"
                    ondragenter="newWindowButtonObserver.onDragOver(event)"/>
 
+    <toolbarbutton id="new-identity-button" class="toolbarbutton-1 chromeclass-toolbar-additional"/>
+
     <toolbarbutton id="fullscreen-button" class="toolbarbutton-1 chromeclass-toolbar-additional"
                    observes="View:FullScreen"
                    type="checkbox"

browser/base/content/nsContextMenu.js

@@ -729,6 +729,18 @@ class nsContextMenu {
       let frameOsPid = this.actor.manager.browsingContext.currentWindowGlobal
         .osPid;
       this.setItemAttr("context-frameOsPid", "label", "PID: " + frameOsPid);
+
+      // We need to check if "Take Screenshot" should be displayed in the "This Frame"
+      // context menu
+      let shouldShowTakeScreenshotFrame = this.shouldShowTakeScreenshot();
+      this.showItem(
+        "context-take-frame-screenshot",
+        shouldShowTakeScreenshotFrame
+      );
+      this.showItem(
+        "context-sep-frame-screenshot",
+        shouldShowTakeScreenshotFrame
+      );
     }
 
     this.showAndFormatSearchContextItem();
@@ -1197,7 +1209,7 @@ class nsContextMenu {
     }
   }
 
-  initScreenshotItem() {
+  shouldShowTakeScreenshot() {
     // About pages other than about:reader are not currently supported by
     // screenshots (see Bug 1620992)
     let uri = this.contentData?.documentURIObject;
@@ -1212,8 +1224,13 @@ class nsContextMenu {
       !this.onVideo &&
       !this.onAudio &&
       !this.onEditable &&
-      !this.onPassword &&
-      !this.inFrame;
+      !this.onPassword;
+
+    return shouldShow;
+  }
+
+  initScreenshotItem() {
+    let shouldShow = this.shouldShowTakeScreenshot() && !this.inFrame;
 
     this.showItem("context-sep-screenshots", shouldShow);
     this.showItem("context-take-screenshot", shouldShow);
@@ -1549,6 +1566,7 @@ class nsContextMenu {
       // FIXME can we switch this to a blob URL?
       internalSave(
         dataURL,
+        null, // originalURL
         null, // document
         name,
         null, // content disposition
@@ -1737,6 +1755,7 @@ class nsContextMenu {
           // it can without waiting.
           saveURL(
             linkURL,
+            null,
             linkText,
             dialogTitle,
             bypassCache,
@@ -1887,6 +1906,7 @@ class nsContextMenu {
       this._canvasToBlobURL(this.targetIdentifier).then(function(blobURL) {
         internalSave(
           blobURL,
+          null, // originalURL
           null, // document
           "canvas.png",
           null, // content disposition
@@ -1907,6 +1927,7 @@ class nsContextMenu {
       urlSecurityCheck(this.mediaURL, this.principal);
       internalSave(
         this.mediaURL,
+        null, // originalURL
         null, // document
         null, // file name; we'll take it from the URL
         this.contentData.contentDisposition,

browser/base/content/pageinfo/pageInfo.js

@@ -738,6 +738,7 @@ function saveMedia() {
       saveURL(
         url,
         null,
+        null,
         titleKey,
         false,
         false,
@@ -768,6 +769,7 @@ function saveMedia() {
             null,
             null,
             null,
+            null,
             false,
             "SaveImageTitle",
             aChosenData,