Trac issues
https://gitlab.torproject.org/legacy/trac/-/issues
Updated: 2020-06-16T00:50:24Z

https://gitlab.torproject.org/legacy/trac/-/issues/17599
Title: Please add keyboard shortcuts for New Identity and New Tor Circuit for this Site
Updated: 2020-06-16T00:50:24Z
Author: cypherpunks

Please add keyboard shortcuts for New Identity and New Tor Circuit for this Site

https://gitlab.torproject.org/legacy/trac/-/issues/17790
Title: unit tests for keyboard defenses
Updated: 2020-06-15T23:31:45Z
Author: Arthur Edelstein

Our patches for #15646 and #17009 should have unit tests.

https://gitlab.torproject.org/legacy/trac/-/issues/18238
Title: remove unused code and strings from Torbutton
Updated: 2020-06-16T01:28:00Z
Author: Mark Smith
Assignee: Kathleen Brade

While waiting for Tor Browser builds to finish, Kathy started to look at what code and strings could be removed from Torbutton. This will be done with a series of patches to make review easier.

https://gitlab.torproject.org/legacy/trac/-/issues/18333
Title: Upgrade go to 1.6.2
Updated: 2020-06-15T23:36:46Z
Author: David Fifield <dcf@torproject.org>
Assignee: David Fifield <dcf@torproject.org>

Release notes: https://golang.org/doc/go1.6
It's not a security requirement or anything, but we're currently on 1.4.3 and don't want to fall too far behind.

https://gitlab.torproject.org/legacy/trac/-/issues/18601
Title: User Timing API in workers might expose high resolution time to content
Updated: 2020-06-15T23:34:07Z
Author: Georg Koppen

We should ensure that the User Timing API used in workers is disabled there as well.
See: #18597 for the testing.

https://gitlab.torproject.org/legacy/trac/-/issues/18619
Title: TBB/ESR45 reports "InvalidStateError" in browser console
Updated: 2020-06-16T00:43:58Z
Author: Arthur Edelstein

An `InvalidStateError` appears in the browser console, unfortunately with no source filename or line number (only the word `<unknown>` for source). I tracked this error down to our setting the pref "dom.indexedDB.enabled" to false in `000-tor-browser.js`. I haven't yet found where the error is being produced, but I presume it is a `.jsm` or `.js` file somewhere in the Firefox codebase, attempting to use an indexedDB.

https://gitlab.torproject.org/legacy/trac/-/issues/18703
Title: Videos loaded via the Page Info dialog are going over the catch-all circuit
Updated: 2020-06-15T23:34:18Z
Author: bugzilla

Load https://www.torproject.org/press/video.html.en and observe that the video is getting loaded over the circuit used for all the other resources of *.torproject.org. Now, open the Page Info dialog and the video that gets loaded again goes over the catch-all circuit.
I think the expected behavior is to let the request go over the circuit for the URL bar domain of the page in question as well.

https://gitlab.torproject.org/legacy/trac/-/issues/18743
Title: "Sign in to Sync" icon not hidden in ESR45-based Tor Browser
Updated: 2020-06-16T00:46:07Z
Author: Mark Smith

With the patch for #16488 (rebased to the ESR45 codebase) applied, the "Sign in to Sync" text label is correctly hidden but the icon is still visible in the hamburger menu.

https://gitlab.torproject.org/legacy/trac/-/issues/18770
Title: SVGs should not show in Page Info when disabled
Updated: 2020-06-15T23:34:24Z
Author: Mark Smith
Assignee: Mark Smith

When svg.in-content.enabled = false, SVGs should not be rendered in the Media tab within Page Info.
Also see ticket:15197#comment:32 and ticket:15197#comment:33.
We should fix this in the ESR45 timeframe (although it is an issue with our ESR38-based browser too).

https://gitlab.torproject.org/legacy/trac/-/issues/18811
Title: Our first-party isolation patch incorrectly rejects blobs retrieved in workers
Updated: 2020-06-15T23:34:33Z
Author: Arthur Edelstein
Assignee: Arthur Edelstein

When isolation is enabled, blobs retrieved by an XHR inside a worker are rejected even when the blob's first party matches the worker's first party. I found that the regression was caused by this Mozilla patch:
https://hg.mozilla.org/mozilla-central/diff/12a852867c16/dom/base/nsXMLHttpRequest.cpp#l1694
Because of the Mozilla patch, when we are in a worker, NS_NewChannel is no longer passed a document, so our patch code in `nsHostObjectProtocolHandler::NewChannel2` is not able to obtain the correct first party. Therefore the blob URI is rejected even if the first party of the worker matches. I haven't yet figured out how to fix this problem.

https://gitlab.torproject.org/legacy/trac/-/issues/18845
Title: Make zip and tar helpers generate reproducible archives without relying on libfaketime
Updated: 2020-06-15T23:38:14Z
Author: boklm
Assignee: boklm

In the Tor Browser build process, we are using some helper scripts to generate zip and tar archives reproducibly. Those helper scripts expect the modification time of the included files to be reproducible, which is the case when we are using libfaketime during the builds.
To be able to remove the use of libfaketime in some parts of the build process and still generate reproducible archives, we could update the helper scripts to change the time of all files included in the archives according to `$REFERENCE_DATETIME`.

https://gitlab.torproject.org/legacy/trac/-/issues/18855
Title: Add-on directory clean-up error after update check
Updated: 2020-06-15T23:34:38Z
Author: Georg Koppen
Assignee: Mark Smith

It seems we get an error after the add-on update check with ESR45:
```
1461145678000 addons.xpi ERROR Failed to clean updated system add-ons directories.: Unix error 2 during operation DirectoryIterator.prototype.next on file /path/to/tor-browser/Browser/TorBrowser/Data/Browser/profile.default/features (file or directory not found) ((unknown module)) No traceback available
```

https://gitlab.torproject.org/legacy/trac/-/issues/18884
Title: Rip Firefox Hello Beta / Loop extension in ESR45 based Tor Browser
Updated: 2020-06-15T23:34:43Z
Author: Georg Koppen
Assignee: Arthur Edelstein

We should think about getting rid of the Hello/Loop extension. As gacar mentioned (https://lists.torproject.org/pipermail/tor-qa/2016-April/000809.html) it is quite large (1.6 MB) and is probably not running anyway as we are disabling WebRTC at compile time and Firefox Hello is not active either.

https://gitlab.torproject.org/legacy/trac/-/issues/18885
Title: Disable logging of TLS/SSL key material by default in Tor Browser
Updated: 2020-06-15T23:42:27Z
Author: Georg Koppen
Assignee: Georg Koppen

We should think about backporting the fix for https://bugzilla.mozilla.org/show_bug.cgi?id=1183318 as another defense-in-depth measure.

https://gitlab.torproject.org/legacy/trac/-/issues/18886
Title: consider removing Pocket
Updated: 2020-06-15T23:34:44Z
Author: Mark Smith
Assignee: Arthur Edelstein

Firefox 45 ESR includes Pocket client code and UI. We may want to remove it, since it encourages use of a third party service that we do not know much about.
Maybe all we need to do is set extensions.pocket.enabled = false to disable it.
It is also worth noting that for Firefox 46, the Pocket code has been pulled out of the core browser and moved to a system extension (see https://bugzilla.mozilla.org/show_bug.cgi?id=1215694)

https://gitlab.torproject.org/legacy/trac/-/issues/18912
Title: add automated tests for updater cert pinning
Updated: 2020-06-16T00:44:08Z
Author: Mark Smith
Assignee: Mark Smith

This is a spinoff of #17442. We want to add automated tests to ensure that we notice if Mozilla changes something that breaks the updater cert pinning.

https://gitlab.torproject.org/legacy/trac/-/issues/18914
Title: Consider removing <isindex>
Updated: 2020-06-15T23:34:49Z
Author: Mark Smith

Mozilla is thinking about removing support for <isindex> HTML element. References:
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/isindex
https://groups.google.com/forum/#!topic/mozilla.dev.platform/DV3YBf7wI3M and
https://bugzilla.mozilla.org/show_bug.cgi?id=1266495
The reason we might want to do this for TB 6.0 is that <isindex> generates a form that has a label that contains text that comes from the browser's UI locale (thus leaking that information).
There is a risk that some sites are using this tag.

https://gitlab.torproject.org/legacy/trac/-/issues/18915
Title: Omnibox in a non-english Tor Browser has no Disconnect.me as search engine in 6.0a5
Updated: 2020-06-15T23:42:29Z
Author: Georg Koppen
Assignee: Georg Koppen

We lost Disconnect.me as search engine somehow in our non-en-US bundles. Seems #11236 is showing its ugly head again (see comment 9 and https://bugzilla.mozilla.org/show_bug.cgi?id=1126722). Sad that our test suite is broken by the transition to ESR45 as well otherwise we would have caught this one earlier (too) :/

https://gitlab.torproject.org/legacy/trac/-/issues/18928
Title: Mac OS: alpha channel upgrade is not smooth
Updated: 2020-06-15T23:34:52Z
Author: Mark Smith

On Mac OS, when I upgrade to Tor Browser 6.0a5 from an older version, it does not go well. After applying the MAR update and restarting, tor is not started and Tor Launcher displays this error:
Unable to start tor
The Tor executable is missing
Quitting and restarting a second time seems to fix the problem.

https://gitlab.torproject.org/legacy/trac/-/issues/18945
Title: Disable monitoring the connected state of Tor Browser users
Updated: 2020-06-15T23:34:57Z
Author: Georg Koppen
Assignee: Mark Smith

`network.manage-offline-status` should be set to `false` again in order to disable monitoring the connected state of users. (basically enabling the status quo ante).

https://gitlab.torproject.org/legacy/trac/-/issues/18947
Title: 6.0a5 is not starting on OS X if put into /Applications
Updated: 2020-06-15T23:34:59Z
Author: Georg Koppen
Assignee: Mark Smith

Nick reported that 6.0a5 on OS X is neither starting after an update nor after being freshly downloaded. The error message is: Tor launcher\n\nTor unexpectedly exited. This might be a bug in Tor itself...
Running "tor.real" from the command line is starting it fine.
After a bit of testing it turned out that putting it on the desktop is working fine, too. Just having it in /Applications produces the bug. I guess this is due to #13252.

https://gitlab.torproject.org/legacy/trac/-/issues/18950
Title: Disable or audit Reader View in ESR 45
Updated: 2020-06-16T00:49:33Z
Author: Georg Koppen
Assignee: Georg Koppen

Firefox ships with a new feature, Reader View (https://support.mozilla.org/en-US/kb/firefox-reader-view-clutter-free-web-pages). We should audit it or disable it for the time being if we don't get to that.

https://gitlab.torproject.org/legacy/trac/-/issues/18951
Title: Mac OS: HTTPS-E missing after update
Updated: 2020-06-15T23:35:00Z
Author: Mark Smith

In the TB 6.0a5 installable packages (dmg files), HTTPS-E is included under TorBrowser.app/Contents/Resources/distribution/extensions as expected. But after completing an incremental update from TB 6.0a4 to 6.0a5, the HTTPS-E extension is missing.

https://gitlab.torproject.org/legacy/trac/-/issues/18958
Title: screen.orientation should lie
Updated: 2020-06-15T23:35:01Z
Author: Mark Smith
Assignee: Arthur Edelstein

For Firefox 43, Mozilla added a new orientation API that includes the unprefixed screen.orientation property and possibly support for onchange events. See:
https://developer.mozilla.org/en-US/docs/Web/API/Screen/orientation
https://w3c.github.io/screen-orientation/
Although the patch for #13025 was upstreamed, the implementation of the new API did not carry forward the concept of respecting the privacy.resistFingerprinting pref.

https://gitlab.torproject.org/legacy/trac/-/issues/18976
Title: Remove some FTE bridges
Updated: 2020-06-15T23:35:03Z
Author: kpdyer

Hello!
The following FTE bridges will soon be permanently going away:
192.240.101.106:80
50.7.176.114:80
[2001:49f0:d002:1::2]:80
[2001:49f0:d00a:1::c]:80
Can you please remove them from Bundle-Data/PTConfigs/bridge_prefs.js? Thanks!

https://gitlab.torproject.org/legacy/trac/-/issues/18980
Title: Remove obsolete toolbar button code in torbutton.js
Updated: 2020-06-15T23:35:04Z
Author: Arthur Edelstein

In #10751, we adapted the torbutton button to the "Australis UI" introduced in ESR31. There's some leftover ESR24 code we marked for later removal -- let's do that.

https://gitlab.torproject.org/legacy/trac/-/issues/18995
Title: Investigate CacheStorage feature for tracking usage in Tor Browser
Updated: 2020-06-15T23:35:06Z
Author: Georg Koppen
Assignee: Arthur Edelstein

In ESR45 we have a new CacheStorage feature that might be usable for tracking users. We should bind it to our cache isolation code if so. Even though being part of the ServiceWorker spec it is not bound to it. Quoting from comment:8:ticket:18545
```
The API page includes "It provides a master directory of all the named caches that a ServiceWorker, other type of worker or window scope can access (you don't have to use it with service workers, even though that is the spec that defines it) and maintains a mapping of string names to corresponding Cache objects." Also, some of the top-level objects are present in regular DOM windows. See: https://lists.torproject.org/pipermail/tbb-dev/2016-May/000372.html
```

https://gitlab.torproject.org/legacy/trac/-/issues/19047
Title: Disable Heartbeat prompts in Tor Browser
Updated: 2020-06-16T00:48:56Z
Author: Georg Koppen

https://bugzilla.mozilla.org/show_bug.cgi?id=1196104 implements Heartbeat prompts for PBM. We should make sure this is disabled to not confuse our users.

https://gitlab.torproject.org/legacy/trac/-/issues/19065
Title: Tor Browser icon not visible anymore in upper left corner on Linux since 05/13
Updated: 2020-06-15T23:35:15Z
Author: Georg Koppen
Assignee: Georg Koppen

The nightly build from May 09 is the last one still showing the Tor Browser icon in the upper left corner of browser windows/dialogs. The nightly from May 13 is the first one that just shows a placeholder icon on Linux.

https://gitlab.torproject.org/legacy/trac/-/issues/19121
Title: reinstate the update.xml hash check
Updated: 2020-06-15T23:35:19Z
Author: Mark Smith
Assignee: Mark Smith

While working on #18912, Kathy and I discovered the following Mozilla change that causes the update.xml hash check to be skipped when signed MAR files are in use (this change shipped in Firefox 43):
https://bugzilla.mozilla.org/show_bug.cgi?id=862173
I think our philosophy is different than Mozilla's and that we probably want to reinstate the hash check. Mike and Georg, do you agree?

https://gitlab.torproject.org/legacy/trac/-/issues/19176
Title: Language packs are not rezipped deterministically
Updated: 2020-06-15T23:35:22Z
Author: Georg Koppen

My patch for #18915 forgot to use our deterministic zip wrapper and used `zip` directly with foreseeable results.

https://gitlab.torproject.org/legacy/trac/-/issues/19187
Title: Backport popup related ASan crash fix to Tor Browser 6.x
Updated: 2020-06-15T23:35:23Z
Author: Georg Koppen
Assignee: Georg Koppen

It turns out that one of the crashes I found with ASan got already reported a couple of days earlier and fixed on trunk. The security rating indicates that Mozilla won't backport that patch to ESR 45. But we should do for safety's sake.

https://gitlab.torproject.org/legacy/trac/-/issues/19189
Title: Work around gold bug in Tor Browser
Updated: 2020-06-15T23:35:24Z
Author: Georg Koppen

While bisecting on my Debian box I am always hitting https://bugzilla.mozilla.org/show_bug.cgi?id=1233963. We should backport the fix to include it at least in the alpha series.
Given that https://hg.mozilla.org/mozilla-central/rev/1a4c479ec7cd is pretty simple having this one in the stable series as well can't hurt.

https://gitlab.torproject.org/legacy/trac/-/issues/19201
Title: Update Tor Browser release procedure: upload mar files to cdn.tpo
Updated: 2020-06-15T23:35:28Z
Author: boklm
Assignee: boklm

We need to update the release procedure to add the upload of mar files to cdn.tpo.

https://gitlab.torproject.org/legacy/trac/-/issues/19202
Title: Use cdn.tpo in mar files URLs
Updated: 2020-06-15T23:37:07Z
Author: boklm
Assignee: boklm

We should update tools/update-responses/config.yml to use cdn.tpo for the mar files URLs.