The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2023-02-28T13:05:43Zhttps://gitlab.torproject.org/tpo/applications/mullvad-browser/-/issues/92On M1 macOS, the browser only start if you manually check Rosetta compatibili...2023-02-28T13:05:43ZruihildtOn M1 macOS, the browser only start if you manually check Rosetta compatibility modeIf you install the Mullvad Browser on M! macOS, the following error message appears:
![image](/uploads/7c54ab7aa97fa9ff39fb7ccb63a79d9f/image.png)
To make it work, you need to:
- Right click on the icon in Applications
- Click on Get In...If you install the Mullvad Browser on M! macOS, the following error message appears:
![image](/uploads/7c54ab7aa97fa9ff39fb7ccb63a79d9f/image.png)
To make it work, you need to:
- Right click on the icon in Applications
- Click on Get Info
- In the General section, tick Open using Rosetta
It will then start. Is there a way to make it run automatically in Rosetta compatibility mode?https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42298"Onionsite Has Disconnected" error message displayed for non-onion sites.2024-01-09T14:38:22Zcypherpunks"Onionsite Has Disconnected" error message displayed for non-onion sites.I'm running Tor Browser 13.0.5 on Ubuntu, with the "prioritize .onion sites when known" setting disabled.
Occasionally when I attempt to load a page from a non-onion site, I am presented with the following error message:
Onionsite Has D...I'm running Tor Browser 13.0.5 on Ubuntu, with the "prioritize .onion sites when known" setting disabled.
Occasionally when I attempt to load a page from a non-onion site, I am presented with the following error message:
Onionsite Has Disconnected
Details: 0xF2 — Introduction failed, which means that the descriptor was found but the service is no longer connected to the introduction point. It is likely that the service has changed its descriptor or that it is not running.
This problem does not appear to be linked to any particular domain and as far as I can tell occurs at random. When the error message is displayed if I reload the page I get the same error message. If I click the "New Tor circuit for this site" button the page will load normally.cypherpunkscypherpunkshttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42311Firfox doesn't like the embedded PNG in tor-browser-logo.svg2024-01-09T14:38:33ZPier Angelo VendrameFirfox doesn't like the embedded PNG in tor-browser-logo.svgI was checking if the suggestion for the patch to resolve debug problems worked, and I stumbled upon about:tor dying for the assertion in `image/imgLoader.cpp:2474`:
```
MOZ_ASSERT(NS_UsePrivateBrowsing(newChannel) == mRespectPrivacy);
...I was checking if the suggestion for the patch to resolve debug problems worked, and I stumbled upon about:tor dying for the assertion in `image/imgLoader.cpp:2474`:
```
MOZ_ASSERT(NS_UsePrivateBrowsing(newChannel) == mRespectPrivacy);
```
<details><summary>Call stack</summary>
```
__GI___clock_nanosleep (@clock_nanosleep@GLIBC_2.2.5:29)
__GI___nanosleep (@__nanosleep:9)
__sleep (@sleep:17)
common_crap_handler(int, void const*) (/home/piero/Tor/tor-browser/toolkit/xre/nsSigHandlers.cpp:96)
child_ah_crap_handler(int) (/home/piero/Tor/tor-browser/toolkit/xre/nsSigHandlers.cpp:110)
WasmTrapHandler(int, siginfo_t*, void*) (/home/piero/Tor/tor-browser/js/src/wasm/WasmSignalHandlers.cpp:799)
__restore_rt (@__restore_rt:3)
imgLoader::LoadImage(nsIURI*, nsIURI*, nsIReferrerInfo*, nsIPrincipal*, unsigned long, nsILoadGroup*, imgINotificationObserver*, nsINode*, mozilla::dom::Document*, unsigned int, nsISupports*, nsIContentPolicy::nsContentPolicyType, nsTSubstring<char16_t> const&, bool, bool, unsigned long, imgRequestProxy**) (/home/piero/Tor/tor-browser/image/imgLoader.cpp:2474)
nsContentUtils::LoadImage(nsIURI*, nsINode*, mozilla::dom::Document*, nsIPrincipal*, unsigned long, nsIReferrerInfo*, imgINotificationObserver*, int, nsTSubstring<char16_t> const&, imgRequestProxy**, nsIContentPolicy::nsContentPolicyType, bool, bool, unsigned long) (/home/piero/Tor/tor-browser/dom/base/nsContentUtils.cpp:4004)
nsImageLoadingContent::LoadImage(nsIURI*, bool, bool, nsImageLoadingContent::ImageLoadType, unsigned int, mozilla::dom::Document*, nsIPrincipal*) (/home/piero/Tor/tor-browser/dom/base/nsImageLoadingContent.cpp:1143)
nsImageLoadingContent::LoadImage(nsTSubstring<char16_t> const&, bool, bool, nsImageLoadingContent::ImageLoadType, nsIPrincipal*) (/home/piero/Tor/tor-browser/dom/base/nsImageLoadingContent.cpp:1027)
mozilla::dom::SVGImageElement::LoadSVGImage(bool, bool) (/home/piero/Tor/tor-browser/dom/svg/SVGImageElement.cpp:146)
mozilla::dom::SVGImageElement::AfterSetAttr(int, nsAtom*, nsAttrValue const*, nsAttrValue const*, nsIPrincipal*, bool) (/home/piero/Tor/tor-browser/dom/svg/SVGImageElement.cpp:215)
mozilla::dom::Element::SetAttrAndNotify(int, nsAtom*, nsAtom*, nsAttrValue const*, nsAttrValue&, nsIPrincipal*, unsigned char, bool, bool, bool, mozilla::dom::Document*, mozAutoDocUpdate const&) (/home/piero/Tor/tor-browser/dom/base/Element.cpp:2653)
mozilla::dom::Element::SetAttr(int, nsAtom*, nsAtom*, nsTSubstring<char16_t> const&, nsIPrincipal*, bool) (/home/piero/Tor/tor-browser/dom/base/Element.cpp:2506)
mozilla::dom::Element::SetAttr(int, nsAtom*, nsAtom*, nsTSubstring<char16_t> const&, bool) (/home/piero/Tor/tor-browser/obj-x86_64-pc-linux-gnu/dist/include/mozilla/dom/Element.h:1000)
nsXMLContentSink::AddAttributes(char16_t const**, mozilla::dom::Element*) (/home/piero/Tor/tor-browser/dom/xml/nsXMLContentSink.cpp:1376)
nsXMLContentSink::HandleStartElement(char16_t const*, char16_t const**, unsigned int, unsigned int, unsigned int, bool) (/home/piero/Tor/tor-browser/dom/xml/nsXMLContentSink.cpp:957)
nsXMLContentSink::HandleStartElement(char16_t const*, char16_t const**, unsigned int, unsigned int, unsigned int) (/home/piero/Tor/tor-browser/dom/xml/nsXMLContentSink.cpp:903)
non-virtual thunk to nsXMLContentSink::HandleStartElement(char16_t const*, char16_t const**, unsigned int, unsigned int, unsigned int) (/home/piero/Tor/tor-browser/dom/xml/nsXMLContentSink.cpp:0)
nsExpatDriver::HandleStartElement(rlbox::rlbox_sandbox<rlbox::rlbox_noop_sandbox>&, rlbox::tainted<void*, rlbox::rlbox_noop_sandbox>, rlbox::tainted<char16_t const*, rlbox::rlbox_noop_sandbox>, rlbox::tainted<char16_t const**, rlbox::rlbox_noop_sandbox>) (/home/piero/Tor/tor-browser/parser/htmlparser/nsExpatDriver.cpp:477)
doContentInternal (/home/piero/Tor/tor-browser/parser/expat/lib/xmlparse.c:2920)
doContent (/home/piero/Tor/tor-browser/parser/expat/lib/xmlparse.c:2664)
contentProcessor (/home/piero/Tor/tor-browser/parser/expat/lib/xmlparse.c:2540)
MOZ_XML_ParseBuffer (/home/piero/Tor/tor-browser/parser/expat/lib/xmlparse.c:2004)
auto rlbox::rlbox_noop_sandbox::impl_invoke_with_func_ptr<XML_Status (XML_ParserStruct*, char const*, int, int), XML_Status (void*, void*, int, int), void*, void*, unsigned long, bool>(XML_Status (*)(void*, void*, int, int), void*&&, void*&&, unsigned long&&, bool&&) (/home/piero/Tor/tor-browser/obj-x86_64-pc-linux-gnu/dist/include/mozilla/rlbox/rlbox_noop_sandbox.hpp:188)
auto rlbox::rlbox_sandbox<rlbox::rlbox_noop_sandbox>::INTERNAL_invoke_with_func_ptr<XML_Status (XML_ParserStruct*, char const*, int, int), rlbox::tainted<XML_ParserStruct*, rlbox::rlbox_noop_sandbox>&, rlbox::tainted<char const*, rlbox::rlbox_noop_sandbox>, unsigned long, bool>(char const*, void*, rlbox::tainted<XML_ParserStruct*, rlbox::rlbox_noop_sandbox>&, rlbox::tainted<char const*, rlbox::rlbox_noop_sandbox>&&, unsigned long&&, bool&&) (/home/piero/Tor/tor-browser/obj-x86_64-pc-linux-gnu/dist/include/mozilla/rlbox/rlbox_sandbox.hpp:790)
nsExpatDriver::ParseChunk(char16_t const*, unsigned int, nsExpatDriver::ChunkOrBufferIsFinal, unsigned int*, unsigned long*) (/home/piero/Tor/tor-browser/parser/htmlparser/nsExpatDriver.cpp:1248)
nsExpatDriver::ChunkAndParseBuffer(char16_t const*, unsigned int, bool, unsigned int*, unsigned int*, unsigned long*) (/home/piero/Tor/tor-browser/parser/htmlparser/nsExpatDriver.cpp:1204)
nsExpatDriver::ResumeParse(nsScanner&, bool) (/home/piero/Tor/tor-browser/parser/htmlparser/nsExpatDriver.cpp:1352)
nsParser::ResumeParse(bool, bool, bool) (/home/piero/Tor/tor-browser/parser/htmlparser/nsParser.cpp:716)
nsParser::OnDataAvailable(nsIRequest*, nsIInputStream*, unsigned long, unsigned int) (/home/piero/Tor/tor-browser/parser/htmlparser/nsParser.cpp:1027)
imgRequest::OnDataAvailable(nsIRequest*, nsIInputStream*, unsigned long, unsigned int) (/home/piero/Tor/tor-browser/image/imgRequest.cpp:1068)
nsJARChannel::OnDataAvailable(nsIRequest*, nsIInputStream*, unsigned long, unsigned int) (/home/piero/Tor/tor-browser/modules/libjar/nsJARChannel.cpp:1312)
nsInputStreamPump::OnStateTransfer() (/home/piero/Tor/tor-browser/netwerk/base/nsInputStreamPump.cpp:584)
nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) (/home/piero/Tor/tor-browser/netwerk/base/nsInputStreamPump.cpp:411)
non-virtual thunk to nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) (/home/piero/Tor/tor-browser/netwerk/base/nsInputStreamPump.cpp:0)
CallbackHolder::CallbackHolder(nsIAsyncInputStream*, nsIInputStreamCallback*, unsigned int, nsIEventTarget*)::'lambda'()::operator()() const (/home/piero/Tor/tor-browser/xpcom/io/nsPipe3.cpp:73)
already_AddRefed<mozilla::CancelableRunnable> NS_NewCancelableRunnableFunction<CallbackHolder::CallbackHolder(nsIAsyncInputStream*, nsIInputStreamCallback*, unsigned int, nsIEventTarget*)::'lambda'()>(char const*, CallbackHolder::CallbackHolder(nsIAsyncInputStream*, nsIInputStreamCallback*, unsigned int, nsIEventTarget*)::'lambda'()&&)::FuncCancelableRunnable::Run() (/home/piero/Tor/tor-browser/obj-x86_64-pc-linux-gnu/dist/include/nsThreadUtils.h:667)
mozilla::RunnableTask::Run() (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:555)
mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:879)
mozilla::TaskController::ExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:702)
mozilla::TaskController::ProcessPendingMTTask(bool) (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:491)
mozilla::TaskController::TaskController()::$_0::operator()() const (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:218)
mozilla::detail::RunnableFunction<mozilla::TaskController::TaskController()::$_0>::Run() (/home/piero/Tor/tor-browser/xpcom/threads/nsThreadUtils.h:548)
nsThread::ProcessNextEvent(bool, bool*) (/home/piero/Tor/tor-browser/xpcom/threads/nsThread.cpp:1240)
NS_ProcessNextEvent(nsIThread*, bool) (/home/piero/Tor/tor-browser/xpcom/threads/nsThreadUtils.cpp:479)
mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) (/home/piero/Tor/tor-browser/ipc/glue/MessagePump.cpp:85)
MessageLoop::RunHandler() (/home/piero/Tor/tor-browser/ipc/chromium/src/base/message_loop.cc:361)
MessageLoop::Run() (/home/piero/Tor/tor-browser/ipc/chromium/src/base/message_loop.cc:343)
nsBaseAppShell::Run() (/home/piero/Tor/tor-browser/widget/nsBaseAppShell.cpp:148)
XRE_RunAppShell() (/home/piero/Tor/tor-browser/toolkit/xre/nsEmbedFunctions.cpp:724)
mozilla::ipc::MessagePumpForChildProcess::Run(base::MessagePump::Delegate*) (/home/piero/Tor/tor-browser/ipc/glue/MessagePump.cpp:235)
MessageLoop::RunHandler() (/home/piero/Tor/tor-browser/ipc/chromium/src/base/message_loop.cc:361)
MessageLoop::Run() (/home/piero/Tor/tor-browser/ipc/chromium/src/base/message_loop.cc:343)
XRE_InitChildProcess(int, char**, XREChildData const*) (/home/piero/Tor/tor-browser/toolkit/xre/nsEmbedFunctions.cpp:659)
content_process_main(mozilla::Bootstrap*, int, char**) (/home/piero/Tor/tor-browser/ipc/contentproc/plugin-container.cpp:57)
main (/home/piero/Tor/tor-browser/browser/app/nsBrowserApp.cpp:375)
__libc_start_call_main (@__libc_start_call_main:26)
__libc_start_main_impl (@__libc_start_main@@GLIBC_2.34:43)
_start (@_start:14)
```
</details>
I'm trying an optimized build with asserts on, so many variables have been optimized out.
However, I managed to see that it was this PNG by checking `href` at the end of `mozilla::dom::SVGImageElement::LoadSVGImage`.
FWIW, I think this is a peculiarity of the YEC homepage.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42177about:support is broken on Whonix 16 with Tor Browser 13.02023-10-19T13:19:58ZRendezvousPointabout:support is broken on Whonix 16 with Tor Browser 13.0https://gitlab.torproject.org/tpo/applications/vpn/-/issues/97Consider adding a "No internet" state2024-03-27T17:28:52Zmicahmicah@torproject.orgConsider adding a "No internet" stateI was in an airport, with fairly restrictive internet. I had connected to the captive portal and logged in, so I could use the free airport wifi, and I wanted to turn on the Tor VPN to obfuscate my traffic. I launched it, pressed the con...I was in an airport, with fairly restrictive internet. I had connected to the captive portal and logged in, so I could use the free airport wifi, and I wanted to turn on the Tor VPN to obfuscate my traffic. I launched it, pressed the connect button, and it showed connected, and data transfer rates started to show.
However, nothing was loading in my browser on my device, so I went to go look at the logs, and I found that onionmasq underneath was complaining about failing to connect to the tor network, it clearly was not actually connected and was retrying, but the UI was showing I was connected and that data was being transferred.
I failed to copy the logs, and I realize that its not trivial to re-produce this, but I thought I should file an issue to get this out there.VPN pre-alpha 07donutsdonutshttps://gitlab.torproject.org/tpo/applications/mullvad-browser/-/issues/200Build system installer for Mullvad Browser on Windows2024-03-26T16:07:58ZrichardBuild system installer for Mullvad Browser on WindowsCurrently Mullvad Browser inherits Tor Browse's portable-only installer on Windows. We should either:
1. Add support to existing installer to support portable OR system `%PROGRAMFILES%` installs
2. Create a second installer which can in...Currently Mullvad Browser inherits Tor Browse's portable-only installer on Windows. We should either:
1. Add support to existing installer to support portable OR system `%PROGRAMFILES%` installs
2. Create a second installer which can install to a system location, separate from the portable installer
3. Update existing installer to be a classic system installer and instead ship portable as a zip archive
Some things to consider:
- System installation requires Admin/Elevation privileges on Windows. NSIS installers can be built such that the elevation prompt happens automatically on launch, but this will likely/possible prevent portable installation on systems which the user does not have admin access (such as in library/univeristy/corporate terminals). I don't know if you can conditionally elevate in an NSIS installer based on install location.
- A second installer to counter the previous constraint would work, but could cause user confusion
- Providing a zip bundle may make it easier for dowstream package maintainers if any were to appear (eg for [chocolatay](https://chocolatey.org/))Pier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42173Error instead of https://noscript.net/getit/ (13.0a6)2023-11-01T18:19:45ZcypherpunksError instead of https://noscript.net/getit/ (13.0a6)```
GET
https://noscript.net/getit/
Security state 0 has no known STATE_IS_* flags. DevToolsInfaillibleUtils.sys.mjs:22:13
reportException resource://devtools/shared/DevToolsInfaillibleUtils.sys.mjs:22
parseSecurityInfo resource...```
GET
https://noscript.net/getit/
Security state 0 has no known STATE_IS_* flags. DevToolsInfaillibleUtils.sys.mjs:22:13
reportException resource://devtools/shared/DevToolsInfaillibleUtils.sys.mjs:22
parseSecurityInfo resource://devtools/shared/network-observer/NetworkHelper.sys.mjs:671
#getSecurityInfo resource://devtools/shared/network-observer/NetworkResponseListener.sys.mjs:364
onStartRequest resource://devtools/shared/network-observer/NetworkResponseListener.sys.mjs:262
NS_ERROR_UNKNOWN_PROXY_HOST: Component returned failure code: 0x804b002a (NS_ERROR_UNKNOWN_PROXY_HOST) [nsIDNSService.asyncResolve] 2 URIFixup.sys.mjs:626
checkHost resource://gre/modules/URIFixup.sys.mjs:626
RPMCheckAlternateHostAvailable resource://gre/actors/NetErrorChild.sys.mjs:144
accessCheckedFn resource://gre/actors/RemotePageChild.sys.mjs:77
initPage chrome://global/content/aboutNetError.mjs:424
<anonymous> chrome://global/content/aboutNetError.mjs:1570
Uncaught (in promise) DOMException: An exception was thrown
initPage chrome://global/content/aboutNetError.mjs:424
<anonymous> chrome://global/content/aboutNetError.mjs:1570
aboutNetError.mjs:424
```https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42174"GET / undefined" from Tor Browser, but "GET / HTTP/1.1" on normal Firefox Br...2023-11-07T13:30:45Zcypherpunks"GET / undefined" from Tor Browser, but "GET / HTTP/1.1" on normal Firefox BrowserYour Browser is sending "GET / undefined", while Firefox and Chrome correctly navigate with HTTP/1.1 or 2.0. This started happening since v13. Normal Firefox, Firefox with Tor, Chrome, Chrome with Tor never have this problem.Your Browser is sending "GET / undefined", while Firefox and Chrome correctly navigate with HTTP/1.1 or 2.0. This started happening since v13. Normal Firefox, Firefox with Tor, Chrome, Chrome with Tor never have this problem.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41112Integrate cross-tab identity leak protection into Tor Browser with native UX2024-03-27T14:39:06ZdonutsIntegrate cross-tab identity leak protection into Tor Browser with native UXIn response to the potential for cache side channel attacks reported in https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41071, @ma1 deployed [Cross-tab Identity Leak Protection](https://noscript.net/usage/#crosstab-i...In response to the potential for cache side channel attacks reported in https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41071, @ma1 deployed [Cross-tab Identity Leak Protection](https://noscript.net/usage/#crosstab-identity-leak-protection) (or "TabGuard") in NoScript 11.4.8. However some users are finding the warning confusing, and/or are suffering from warning fatigue – e.g.:
```
<Jeremy_Rand_36C3[m]> So far at least 2 users in #tor have been very confused about the NoScript warnings that were recently added. One of them thought the warning meant his identity had already leaked, and panicked and shut off Tor Browser. Seems like we should ask the UX Team to evaluate how we can improve this, now that we have some breathing room since the vulnerability is mitigated.
<Jeremy_Rand_36C3[m]> One of the two users I noticed who was confused about the warning was one of my co-workers, who is very technically proficient, including about Tor, and even he couldn't understand what the warning was about, what triggered it, and what the correct course of action was
<Jeremy_Rand_36C3[m]> Then you have a less sophisticated user who thought the warning meant he was already pwned and panicked
<Jeremy_Rand_36C3[m]> I was hoping the UX Team might be able to evaluate how this warning can be better presented so that users don't get confused or make bad decisions when they see it
```
We're planning on integrating this feature into Tor Browser as part of the work to migrate the Security Level feature in https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40925. We should take this opportunity to improve the UX in general, in addition to converting the feature into standard Tor Browser UI patterns.ma1ma1https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42186Decide on whether to retire about:tbupdate2023-11-07T15:23:51ZhenryDecide on whether to retire about:tbupdateWith the new design from https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41333, we removed the link to "about:tbupdate" in the top right corner, underneath the version number. This was the only link to the "about:tbup...With the new design from https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41333, we removed the link to "about:tbupdate" in the top right corner, underneath the version number. This was the only link to the "about:tbupdate" page, so it no longer has any external links (not even in "about:about").
Note: when there is an update, we show a link to the blog post in "about:tor". This was also true for the old "about:tor" design.
Given that "about:tbupdate" simply prints out the top of `ChangeLog.txt`, I think we can probably eventually retire the page, and redirect users to check online, or the local `ChangeLog.txt` file if they are interested.
Any thoughts, or any insights into why users would want to keep the page?
/cc @richard @pierov @donutsdonutsdonutshttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42082readPixels patch for WebGL breaks some websites2023-11-05T19:13:42Zcypherpunks1readPixels patch for WebGL breaks some websitesThe patch makes some websites completely unusable on Tor Browser and Mullvad Browser and removing the patch (51467cda57ce14cf9bccf69400c5f76267bae64b) solves the issue for me.The patch makes some websites completely unusable on Tor Browser and Mullvad Browser and removing the patch (51467cda57ce14cf9bccf69400c5f76267bae64b) solves the issue for me.cypherpunks1cypherpunks1https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42044add -moz-device-pixel-ratio to RFP2023-08-28T14:26:07ZThorinadd -moz-device-pixel-ratio to RFPin #41740 we will change the devicePixelRatio spoof to 2
This issue is to add `-moz-device-pixel-ratio` to RFP to do the samein #41740 we will change the devicePixelRatio spoof to 2
This issue is to add `-moz-device-pixel-ratio` to RFP to do the sameThorinThorinhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42104Gah. Your tab just crashed. Cause: Usage of Hardened-Malloc2023-09-20T01:37:01ZshanzhanzGah. Your tab just crashed. Cause: Usage of Hardened-Malloc<!--
* Use this issue template for reporting a new bug.
-->
### Summary
**Summarize the bug encountered concisely.**
When opening tabs that are loaded with JS it will crush.
### Steps to reproduce:
**How one can reproduce the issue - ...<!--
* Use this issue template for reporting a new bug.
-->
### Summary
**Summarize the bug encountered concisely.**
When opening tabs that are loaded with JS it will crush.
### Steps to reproduce:
**How one can reproduce the issue - this is very important.**
Sadly no known steps to reproduce it, but i can provide all the needed logs.
### What is the current bug behavior?
**What actually happens.**
![tbnsbug](/uploads/811109c00bf1d37b031e13bcab6a7a92/tbnsbug.png)
### What is the expected behavior?
**What you want to see instead**
https://monkeytype.com/
### Environment
**Which operating system are you using? For example: Debian GNU/Linux 10.1, Windows 10, Ubuntu Xenial, FreeBSD 12.2, etc.**
**Which installation method did you use? Distribution package (apt, pkg, homebrew), from source tarball, from Git, etc.**
Debian 12
TB downloaded from TPO download page.
### Relevant logs
```
[host user ~]% torbrowser
Fontconfig warning: "/home/user/.tb/tor-browser/Browser/fontconfig/fonts.conf", line 42: Use of ambiguous path in <dir> element. please add prefix="cwd" if current behavior is desired.
Fontconfig warning: "/home/user/.tb/tor-browser/Browser/fontconfig/fonts.conf", line 118: unknown element "blank"
Crash Annotation GraphicsCriticalError: |[0][GFX1-]: No GPUs detected via PCI (t=0.673829) [GFX1-]: No GPUs detected via PCI
Crash Annotation GraphicsCriticalError: |[0][GFX1-]: No GPUs detected via PCI (t=0.673829) |[1][GFX1-]: glxtest: process failed (received signal 11) (t=0.673876) [GFX1-]: glxtest: process failed (received signal 11)
Fontconfig warning: "/home/user/.tb/tor-browser/Browser/fontconfig/fonts.conf", line 42: Use of ambiguous path in <dir> element. please add prefix="cwd" if current behavior is desired.
Fontconfig warning: "/home/user/.tb/tor-browser/Browser/fontconfig/fonts.conf", line 118: unknown element "blank"
Fontconfig warning: "/home/user/.tb/tor-browser/Browser/fontconfig/fonts.conf", line 42: Use of ambiguous path in <dir> element. please add prefix="cwd" if current behavior is desired.
Fontconfig warning: "/home/user/.tb/tor-browser/Browser/fontconfig/fonts.conf", line 118: unknown element "blank"
Fontconfig warning: "/home/user/.tb/tor-browser/Browser/fontconfig/fonts.conf", line 42: Use of ambiguous path in <dir> element. please add prefix="cwd" if current behavior is desired.
Fontconfig warning: "/home/user/.tb/tor-browser/Browser/fontconfig/fonts.conf", line 118: unknown element "blank"
Fontconfig warning: "/home/user/.tb/tor-browser/Browser/fontconfig/fonts.conf", line 42: Use of ambiguous path in <dir> element. please add prefix="cwd" if current behavior is desired.
Fontconfig warning: "/home/user/.tb/tor-browser/Browser/fontconfig/fonts.conf", line 118: unknown element "blank"
Fontconfig warning: "/home/user/.tb/tor-browser/Browser/fontconfig/fonts.conf", line 42: Use of ambiguous path in <dir> element. please add prefix="cwd" if current behavior is desired.
Fontconfig warning: "/home/user/.tb/tor-browser/Browser/fontconfig/fonts.conf", line 118: unknown element "blank"
Fontconfig warning: "/home/user/.tb/tor-browser/Browser/fontconfig/fonts.conf", line 42: Use of ambiguous path in <dir> element. please add prefix="cwd" if current behavior is desired.
Fontconfig warning: "/home/user/.tb/tor-browser/Browser/fontconfig/fonts.conf", line 118: unknown element "blank"
(Tor Browser:2921): Gtk-WARNING **: 16:46:54.143: Could not load a pixbuf from /org/gtk/libgtk/theme/Adwaita/assets/bullet-symbolic.svg.
This may indicate that pixbuf loaders or the mime database could not be found.
Fontconfig warning: "/home/user/.tb/tor-browser/Browser/fontconfig/fonts.conf", line 42: Use of ambiguous path in <dir> element. please add prefix="cwd" if current behavior is desired.
Fontconfig warning: "/home/user/.tb/tor-browser/Browser/fontconfig/fonts.conf", line 118: unknown element "blank"
fatal allocator error: invalid uninitialized allocator usage
Redirecting call to abort() to mozalloc_abort
```https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/issues/239Arch Linux spits out core dump and stops when building from source2023-10-02T03:30:43ZGhost UserArch Linux spits out core dump and stops when building from source<!--
* Use this issue template for reporting a new bug.
-->
### Summary
**Summarize the bug encountered concisely.**
### Steps to reproduce:
**How one can reproduce the issue - this is very important.**
1. [paru](https://github.com/M...<!--
* Use this issue template for reporting a new bug.
-->
### Summary
**Summarize the bug encountered concisely.**
### Steps to reproduce:
**How one can reproduce the issue - this is very important.**
1. [paru](https://github.com/Morganamilo/paru/) -G [mullvad-browser](https://aur.archlinux.org/packages/mullvad-browser)
2. cd mullvad-browser
3. [makepkg](https://gitlab.archlinux.org/pacman/pacman)
### What is the current bug behavior?
**What actually happens.**
Build fails with output of core dump
### What is the expected behavior?
**What you want to see instead**
Build succeeds and binary package is generated
### Environment
**Which operating system are you using? For example: Debian GNU/Linux 10.1, Windows 10, Ubuntu Xenial, FreeBSD 12.2, etc.**
**Which installation method did you use? Distribution package (apt, pkg, homebrew), from source tarball, from Git, etc.**
- OS: Arch Linux
- Repository: [Arch User Reposotory](https://aur.archlinux.org/)
### Relevant logs and/or screenshots
- [stdout-1.log](/uploads/5840e22ac93bd8949751e98f75ba92ca/stdout-1.log)
- [stdout-2.log](/uploads/52c9485b174999d1e5bef9261a3162c5/stdout-2.log)
- [stdout-3.log](/uploads/9ddc8fcdf90d75182b7090aafd224f23/stdout-3.log)
- [stdout-4.log](/uploads/37d8053995bbc643c7d9bc2759f9dc2d/stdout-4.log)
- [stdout-5.log](/uploads/e72bddd5a2aad21f6682e7160ce1d759/stdout-5.log)
- [stdout-6.log](/uploads/b709a5ac52d78497b70a5fec3456079e/stdout-6.log)
- [journal.log](/uploads/5e300b207cedafa3b6eaa8bffec1eb04/journal.log)https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41870Modern firewall-penetration protocols for Tor in China2023-07-07T10:01:53ZcomputerscotModern firewall-penetration protocols for Tor in ChinaReports on https://github.com/net4people/bbs/issues and https://forum.torproject.org say that both obfs4 and snowflake are blocked by the GFW. There are also doubts about whether the new WebTunnel pluggable transport will work. The GFW d...Reports on https://github.com/net4people/bbs/issues and https://forum.torproject.org say that both obfs4 and snowflake are blocked by the GFW. There are also doubts about whether the new WebTunnel pluggable transport will work. The GFW detects and blocks WebSocket-based proxies.
This is a proof-of-concept for more modern firewall-penetration protocols.
To test these protocols in action, set up an Xray server and client using the latest techniques, for example, https://cscot.pages.dev/2023/07/02/xray-reality-h2. If you follow the sample configuration in that article, you will have a SOCKS5 proxy listening on port `10808` on your client.
Download and install the Tor Browser from https://www.torproject.org.
When you run the Tor Browser for the first time, click **Configure Connection**.
Scroll down and click the **Settings** button at the bottom to configure how you connect to the internet. Check **I use a proxy to connect to the Internet**. The type is **SOCKS5**, the address is `127.0.0.1`, and the port is `10808`. Click **OK**.
I have found it more reliable to click **Select a Built-In Bridge**. This should not be necessary, since the Xray server is already outside the GFW. Perhaps it helps because built-in bridges are faster than random entry nodes. Select **obfs4**. Click **Connect**.
Now you can test your connection by trying to reach a Tor-only site.
BBC News in simplified Chinese:
```
https://www.bbcweb3hytmzhn5d532owbu6oqadra5z3ar726vq5kgwwn6aucdccrad.onion/zhongwen/simp
```
DW News in simplified Chinese:
```
https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/zh/?zhongwen=simp
```
New York Times in simplified Chinese:
```
https://cn.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion
```
![dw-onion-simplified-chinese](/uploads/c696b775dc1f976880b42e8100342f54/dw-onion-simplified-chinese.png)meskiomeskio@torproject.orgmeskiomeskio@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/128Modern firewall-penetration protocols for Tor in China2023-08-11T09:50:26ZcomputerscotModern firewall-penetration protocols for Tor in ChinaReports on https://github.com/net4people/bbs/issues and https://forum.torproject.org say that both obfs4 and snowflake are blocked by the GFW. There are also doubts about whether the new WebTunnel pluggable transport will work. The GFW d...Reports on https://github.com/net4people/bbs/issues and https://forum.torproject.org say that both obfs4 and snowflake are blocked by the GFW. There are also doubts about whether the new WebTunnel pluggable transport will work. The GFW detects and blocks WebSocket-based proxies.
This is a proof-of-concept for more modern firewall-penetration protocols.
To test these protocols in action, set up an Xray server and client using the latest techniques, for example, https://cscot.pages.dev/2023/07/02/xray-reality-h2. If you follow the sample configuration in that article, you will have a SOCKS5 proxy listening on port `10808` on your client.
Download and install the Tor Browser from https://www.torproject.org.
When you run the Tor Browser for the first time, click **Configure Connection**.
Scroll down and click the **Settings** button at the bottom to configure how you connect to the internet. Check **I use a proxy to connect to the Internet**. The type is **SOCKS5**, the address is `127.0.0.1`, and the port is `10808`. Click **OK**.
I have found it more reliable to click **Select a Built-In Bridge**. This should not be necessary, since the Xray server is already outside the GFW. Perhaps it helps because built-in bridges are faster than random entry nodes. Select **obfs4**. Click **Connect**.
Now you can test your connection by trying to reach a Tor-only site.
BBC News in simplified Chinese:
```
https://www.bbcweb3hytmzhn5d532owbu6oqadra5z3ar726vq5kgwwn6aucdccrad.onion/zhongwen/simp
```
DW News in simplified Chinese:
```
https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/zh/?zhongwen=simp
```
New York Times in simplified Chinese:
```
https://cn.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion
```
![dw-onion-simplified-chinese](/uploads/37794d56098885a7979eb2230e140737/dw-onion-simplified-chinese.png)meskiomeskio@torproject.orgmeskiomeskio@torproject.orghttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41817Add more color aliases that take dark mode into account2023-09-19T03:31:18ZPier Angelo VendrameAdd more color aliases that take dark mode into accountWe should add a few new aliases for our colors, e.g., `--purple-60` and `--purple-30`, to remove more media queries.
They're needed for example in the pereferences (see https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_...We should add a few new aliases for our colors, e.g., `--purple-60` and `--purple-30`, to remove more media queries.
They're needed for example in the pereferences (see https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/660#note_2909188).
We already do it for `--tor-branding-color`, but it's tied to the release channel.henryhenryhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41742Enable IPv6 client by default2024-02-19T17:38:26Zagowa338Enable IPv6 client by defaultCurrently, the Tor Browser bundle does not enable IPv6 for connections to entry or guard nodes. This causes the tor browser to get stuck in the "Establishing a Connection" screen while claiming that internet connectivity is properly avai...Currently, the Tor Browser bundle does not enable IPv6 for connections to entry or guard nodes. This causes the tor browser to get stuck in the "Establishing a Connection" screen while claiming that internet connectivity is properly available within the settings page in IPv6-only networks with DNS64 and NAT64.
![image](/uploads/ef2fe02a28186213ecd26477fb9c1e00/image.png)
![image](/uploads/5d87348c1dc28e682742a1e416795e70/image.png)
Log:
```
2023-04-23 11:57:14.691 [NOTICE] New control connection opened from 127.0.0.1.
2023-04-23 11:57:14.691 [NOTICE] New control connection opened from 127.0.0.1.
2023-04-23 11:57:14.706 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
2023-04-23 11:57:18.065 [NOTICE] Opening Socks listener on 127.0.0.1:9150
2023-04-23 11:57:18.065 [NOTICE] Opened Socks listener connection (ready) on 127.0.0.1:9150
2023-04-23 11:57:18.072 [NOTICE] Renaming old configuration file to "D:\Tor Browser\Browser\TorBrowser\Data\Tor\torrc.orig.1"
2023-04-23 11:57:47.906 [NOTICE] Application request when we haven't used client functionality lately. Optimistically trying directory fetches again.
2023-04-23 11:58:21.158 [NOTICE] New control connection opened from 127.0.0.1.
```
Possible solutions:
1. Add `ClientUseIPv6 1` and `ClientPreferIPv6ORPort 1` to the torrc-defaults. As this only influences us using IPv6 for the connection to the entry node, and we're expecting to be on a monitored network already. It doesn't change anything. As establishing a connection with our IPv6 address is the same as someone logging all NAT44 transitions (or not having any NAT, as in, e.g., university networks) is the same threat vector. So changing this default is probably the best and easiest solution. (Also, as a side effect, it improves the performance of the tor client in CG-NAT scenarios)
2. Do #1, but not "just" within the Tor Browser (bundle) but within the tor client itself.
3. Do #1 but only as a fallback when IPv4 fails after user confirmation. I don't see why that would be preferred, but it would also improve the current situation where the tor client gets stuck without any message, and users don't know what to do. Or them assuming Tor is blocked on the network and (try to) requesting bridges where it is neither necessarily helpful nor necessary.
4. Another flavor of #3, add a distinct warning/error message when no IPv4 connectivity is possible and also add a configuration option within Tor Browser to enable IPv6 connectivity. I again don't see why this would be preferred over enabling the client to use IPv6, but ymmv.
5. Detect the presence of NAT64 using a DNS lookup of `ipv4only.arpa` and even if clientUseIPv6 is disabled use IPv6 but only to communicate with IPv4 endpoints. I consider this the worst solution, but I want to mention it, as it is still better than the status quo.
My preferred solutions are #1 and #2, as it is the simplest one to implement.https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/issues/156For some website, i-dont-care-about-cookies.eu seems more efficient to block ...2023-08-26T05:59:58ZruihildtFor some website, i-dont-care-about-cookies.eu seems more efficient to block cookie bannersMaybe we can consider adding this list too?
URL: https://www.i-dont-care-about-cookies.eu/abp/Maybe we can consider adding this list too?
URL: https://www.i-dont-care-about-cookies.eu/abp/ruihildtruihildthttps://gitlab.torproject.org/tpo/applications/mullvad-browser/-/issues/151WebRTC leaks UDP traffic outside socks5 proxy2024-02-21T13:20:46ZruihildtWebRTC leaks UDP traffic outside socks5 proxy- Connect to a socks5 proxy on port 1080 in your LAN that uses a different IP than your computer
- Create a room on meet.mullvad.net jitsi instance
- tcpdump on interface connected to internet and filter out port 1080
- observe UDP traff...- Connect to a socks5 proxy on port 1080 in your LAN that uses a different IP than your computer
- Create a room on meet.mullvad.net jitsi instance
- tcpdump on interface connected to internet and filter out port 1080
- observe UDP traffic to the remote jitsi meet peer
So this is not specific to Mullvad Browser, so not sure how/if we need to deal with it.ma1ma1