The OS language might be outside the list of actually supported
languages and it might leak the user's region.
Therefore, we force the locale reported in Accept-Language to match one
we support with translations, even when it means using a not exact
region tag.

Revert "Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView"

This reverts commit ff97b6fb.

Jonathan Kew authored 10 months ago and ma1 committed 10 months ago

Original Revision: https://phabricator.services.mozilla.com/D208983

Differential Revision: https://phabricator.services.mozilla.com/D209209

Jonathan Kew authored 11 months ago and ma1 committed 10 months ago

Bug 1890204 - Ensure font entry's unitsPerEm and font extents are initialized when gfxFont is created. r=gfx-reviewers,lsalzman

This means that by the time we potentially call GetFontExtents() when drawing,
the extents fields are guaranteed to have been been initialized, and there's no
risk of the (read-only) access here racing with setting them in UnitsPerEm().

Differential Revision: https://phabricator.services.mozilla.com/D206920

Nuohan Li authored 10 months ago and ma1 committed 10 months ago

Differential Revision: https://phabricator.services.mozilla.com/D204928

ma1 authored 10 months ago and Pier Angelo Vendrame committed 10 months ago

Bug 42405: Fix betterboxing + findbar horizontal bounce if the scrollbar is not an overlay.

This commits makes it possible to disable OS spoofing in the HTTP
User-Agent header, to see if matching header and JS property improve
usability.

Richard Pospesel authored 11 months ago and Pier Angelo Vendrame committed 10 months ago

emergency security issue for mullvad browser

Besides disabling the "Delete on close checkbox", disable also the
"Manage Exceptions" button when always using PBM.

about:preferences allow to override some of our defaults, that could
be fingeprintable or have some other unwanted consequences.

boklm authored 1 year ago and Pier Angelo Vendrame committed 10 months ago

MB 256: Add mullvad-browser nightly mar signing key

MB 71: Set the updater base URL to Mullvad domain

This commit disables the about:login page and removes the "Login and
Password" section of about:preferences.

We do not do anything to the real password manager of Firefox, that is
in toolkit: it contains C++ parts that make it difficult to actually
prevent it from being built..

Finally, we modify the the function that opens about:login to report an
error in the console so that we can quickly get a backtrace to the code
that tries to use it.

Also:
#57: Purge unneeded about: pages

We install a few addons from the distribution directory, but they are
not automatically enabled for PBM mode.
This commit modifies the code that installs them to also add the PBM
permission to the known ones.

MB 284: Customize logs in about:debugging.

See also:
#5: Product name and directory customization
#12: Create new branding directories and integrate Mullvad icons+branding
#14: Remove Default Built-in bookmarks
#35: Add custom PDF icons for Windows builds
#48: Replace Mozilla copyright and legal trademarks in mullvadbrowser.exe metadata
#51: Update trademark string
#104: Update shipped dll metadata copyright/licensing info
#107: Add alpha and nightly icons

This commit implmenents the the Base Browser's version of _migrateUI.

henry authored 10 months ago and Pier Angelo Vendrame committed 10 months ago

Bug 42537: Move base-browser.ftl to toolkit.

ma1 authored 10 months ago and Pier Angelo Vendrame committed 10 months ago

Bug 42532: Use the HomePage module for new identity checks.

This component adds a new Security Level toolbar button which visually
indicates the current global security level via icon (as defined by the
extensions.torbutton.security_slider pref), a drop-down hanger with a
short description of the current security level, and a new section in
the about:preferences#privacy page where users can change their current
security level. In addition, the hanger and the preferences page will
show a visual warning when the user has modified prefs associated with
the security level and provide a one-click 'Restore Defaults' button to
get the user back on recommended settings.

Bug 40125: Expose Security Level pref in GeckoView

henry authored 1 year ago and Pier Angelo Vendrame committed 10 months ago

This hides it from both the toolbar and the unified extensions panel.

We also hide the unified-extension-button if the panel would be empty:
not including the NoScript button when it is hidden. As a result, this
will be hidden by default until a user installs another extension (or
shows the NoScript button and unpins it).

Matthew Finkel authored 3 years ago and Pier Angelo Vendrame committed 10 months ago

Bug 40253: Explicitly allow NoScript in Private Browsing mode.

Remove the items not compatible with our features (such as history) from
the migration wizard.

On Linux, allow to specify an alternative home directory, since we
usually change $HOME in our startup script.