Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-06-15T23:43:26Zhttps://gitlab.torproject.org/legacy/trac/-/issues/22058Provide better testing for Tor Browser not breaking important websites (Twitt...2020-06-15T23:43:26ZGeorg KoppenProvide better testing for Tor Browser not breaking important websites (Twitter/Github etc.)We recently had to deal with Twitter being hardly usable for Tor Browser users due to a bug in our code (see #16450 and #21555). We might want to have some tests informing us as early as possible if such a breakage happens. Selenium migh...We recently had to deal with Twitter being hardly usable for Tor Browser users due to a bug in our code (see #16450 and #21555). We might want to have some tests informing us as early as possible if such a breakage happens. Selenium might be a good tool for writing such tests, maybe Marionette as well.cypherpunkscypherpunkshttps://gitlab.torproject.org/legacy/trac/-/issues/21404Run the Tor Browser testsuite on rbm based nightly builds2020-06-13T17:40:56ZboklmRun the Tor Browser testsuite on rbm based nightly buildsIn #21286 some nightly builds have been added. We should run the testsuite on those nightly builds.In #21286 some nightly builds have been added. We should run the testsuite on those nightly builds.https://gitlab.torproject.org/legacy/trac/-/issues/21248Write security slider tests for javascript: URLs2020-06-13T17:40:54ZGeorg KoppenWrite security slider tests for javascript: URLsGiorgio fixed the `javascript` behavior on the medium level for us (in NoScript 2.9.5.3). We should include tests in our test suite to check that:
1) `javascript:` URIs on websites loaded over HTTPS work
2) `javascript:` URIs embedded o...Giorgio fixed the `javascript` behavior on the medium level for us (in NoScript 2.9.5.3). We should include tests in our test suite to check that:
1) `javascript:` URIs on websites loaded over HTTPS work
2) `javascript:` URIs embedded on websites loaded over HTTP do not work.https://gitlab.torproject.org/legacy/trac/-/issues/20446Add a GUI to the Tor Browser testsuite2020-06-13T17:40:53ZboklmAdd a GUI to the Tor Browser testsuiteWe have a Tor Browser testsuite bundle containing the command line scripts `start-tbb-testsuite` and `update-tbb-testsuite` to run and update the testsuite.
We should make a small GUI to make it easier to start the testsuite, show the r...We have a Tor Browser testsuite bundle containing the command line scripts `start-tbb-testsuite` and `update-tbb-testsuite` to run and update the testsuite.
We should make a small GUI to make it easier to start the testsuite, show the results, and update it.https://gitlab.torproject.org/legacy/trac/-/issues/20445Make it easy to update the Tor Browser testsuite bundle2020-06-13T17:40:53ZboklmMake it easy to update the Tor Browser testsuite bundleIn the testsuite bundle, we have an `update-tbb-testsuite` script which is fetching and checking out the latest git commit, after verifying its signature. If a new bundle containing new dependencies is required to run the testsuite, a me...In the testsuite bundle, we have an `update-tbb-testsuite` script which is fetching and checking out the latest git commit, after verifying its signature. If a new bundle containing new dependencies is required to run the testsuite, a message is displayed asking the user to download the new bundle.
We should automate the download of the new bundle, signature verification and installation.https://gitlab.torproject.org/legacy/trac/-/issues/20444Making the testsuite bundle build reproducible2020-06-13T17:40:52ZboklmMaking the testsuite bundle build reproducibleIn the `packages/` directory from the Tor Browser testsuite, we have tools to build a bundle containing the testsuite and its dependencies. We should make the build of this bundle deterministic.In the `packages/` directory from the Tor Browser testsuite, we have tools to build a bundle containing the testsuite and its dependencies. We should make the build of this bundle deterministic.https://gitlab.torproject.org/legacy/trac/-/issues/20443Tor Browser testsuite bundle improvements2020-06-13T17:40:52ZboklmTor Browser testsuite bundle improvementsWe have ticket #19067 about creating a Tor Browser testsuite bundle, containing the testsuite and its dependencies.
This ticket is tracking improvements on this testsuite bundle.We have ticket #19067 about creating a Tor Browser testsuite bundle, containing the testsuite and its dependencies.
This ticket is tracking improvements on this testsuite bundle.https://gitlab.torproject.org/legacy/trac/-/issues/20187Add a test to check that Referrer spoofing on .onions domains is working2020-06-13T17:40:52ZboklmAdd a test to check that Referrer spoofing on .onions domains is workingOur test suite should have a test to check that the referrer spoofing for .onions domains implemented in #17334 is working as expected.Our test suite should have a test to check that the referrer spoofing for .onions domains implemented in #17334 is working as expected.https://gitlab.torproject.org/legacy/trac/-/issues/20018Add support for running tests using schroot in the Tor Browser test suite2020-06-13T17:40:51ZboklmAdd support for running tests using schroot in the Tor Browser test suiteI have access to `build-x86-04.torproject.org` which can be used with schroot. We need to add support to the test suite for using schroot to run the Tor Browser tests, using different Debian and Ubuntu distributions.
Informations about ...I have access to `build-x86-04.torproject.org` which can be used with schroot. We need to add support to the test suite for using schroot to run the Tor Browser tests, using different Debian and Ubuntu distributions.
Informations about using schroot can be found on this page:
https://dsa.debian.org/doc/schroot/https://gitlab.torproject.org/legacy/trac/-/issues/19670Regression test for blocking of Components.interfaces fails2020-06-15T23:36:41ZGeorg KoppenRegression test for blocking of Components.interfaces failsThe regression test for #2874 fails with
```
382 INFO TEST-UNEXPECTED-FAIL |
js/xpconnect/tests/chrome/test_bug795275.xul | uncaught exception -
TypeError: div.testMethod is not a function at
http://mochi.test:8888/tests/js/xpconnect/...The regression test for #2874 fails with
```
382 INFO TEST-UNEXPECTED-FAIL |
js/xpconnect/tests/chrome/test_bug795275.xul | uncaught exception -
TypeError: div.testMethod is not a function at
http://mochi.test:8888/tests/js/xpconnect/tests/mochitest/file_bug795275.html:20
```https://gitlab.torproject.org/legacy/trac/-/issues/17809tbb-tests/browser_tor_TB4.js is out-of-date2020-06-15T23:31:47ZMark Smithtbb-tests/browser_tor_TB4.js is out-of-dateWhile working on #16441, Kathy and I noticed that tbb-tests/browser_tor_TB4.js needs quite a few updates.
Do we run these tests automatically?
Does someone want to update them? We noticed test failures for the following prefs:
app.upda...While working on #16441, Kathy and I noticed that tbb-tests/browser_tor_TB4.js needs quite a few updates.
Do we run these tests automatically?
Does someone want to update them? We noticed test failures for the following prefs:
app.update.auto
browser.startup.homepage_override.mstone
startup.homepage_override_url
general.useragent.override
security.disable_session_identifiers should be security.ssl.disable_session_identifiers
network.http.keep-alive.timeout
(or something else is happening that I do not understand)
There are also some prefs whose values seem to be overridden by the mochitest framework:
media.cache_size
geo.wifi.uri
network.proxy.typehttps://gitlab.torproject.org/legacy/trac/-/issues/17662Have a test to check that Tor Browser updater is working2020-06-13T17:40:44ZboklmHave a test to check that Tor Browser updater is workingWe should have a test to check that the Tor Browser updater is not broken and will be able to update the browser to futur releases when they are available. This test would help when making updater changes such as #17442.
Mozilla has som...We should have a test to check that the Tor Browser updater is not broken and will be able to update the browser to futur releases when they are available. This test would help when making updater changes such as #17442.
Mozilla has some marionette tests that we can use for that:
https://github.com/mozilla/firefox-ui-tests/blob/mozilla-central/firefox_ui_tests/update/direct/test_direct_update.py
https://github.com/mozilla/firefox-ui-tests/blob/mozilla-central/firefox_ui_tests/update/fallback/test_fallback_update.py
Those tests take as arguments a channel name, a target version (the expected version after the update is installed), a target buildid.
Mozilla QA team is posting on their wiki the config file they use when testing each new release:
https://wiki.mozilla.org/QA/Desktop_Firefox/Releases/Configs/Fx42RC2
Using this config they are testing that previous releases can be updated to the new release, but I could not find tests to check if the new release has a working updater that will be able to update to a futur release.
To be able to check that the updater can update to an other release, I think we could create a "test-updater" channel, which provides a signed mar file with a large version number, so that the updater always accept this update. However the problem would be that an adversary can use this mar file to update users to an old browser. Maybe we can include a non-working browser in the mar file to avoid this, but this is still not very good.
An alternative could be to have a "test-updater" channel which provides an old version, and patch our updater to have a preference that allows downgrades. We can then set this preference when testing the updater on this channel.https://gitlab.torproject.org/legacy/trac/-/issues/16888Regression tests for Bug #2950 (Make Permissions Manager memory-only) never f...2020-06-15T23:29:03ZboklmRegression tests for Bug #2950 (Make Permissions Manager memory-only) never failsThe regression test for bug #2950 does not fail when used on 38.2.0esr without patch:
https://treeherder.mozilla.org/#/jobs?repo=try&revision=a81cdc18350bThe regression test for bug #2950 does not fail when used on 38.2.0esr without patch:
https://treeherder.mozilla.org/#/jobs?repo=try&revision=a81cdc18350bhttps://gitlab.torproject.org/legacy/trac/-/issues/16758We need a dom-objects-enumeration test for Workers and SharedWorkers2020-06-13T17:40:40ZboklmWe need a dom-objects-enumeration test for Workers and SharedWorkersWe have a test that enumerates dom objects available in the global scope.
We need the same test in the Workers and SharedWorkers scopes.We have a test that enumerates dom objects available in the global scope.
We need the same test in the Workers and SharedWorkers scopes.https://gitlab.torproject.org/legacy/trac/-/issues/16757Verify that new DOM properties are really disabled2020-06-13T17:40:40ZMike PerryVerify that new DOM properties are really disabledIn https://lists.torproject.org/pipermail/tor-qa/2015-August/000667.html, boklm notes:
```
We have the following DOM objects that were not present in esr31:
onlanguagechange, mozRequestOverfill, back, forward, home, openDialog,
control...In https://lists.torproject.org/pipermail/tor-qa/2015-August/000667.html, boklm notes:
```
We have the following DOM objects that were not present in esr31:
onlanguagechange, mozRequestOverfill, back, forward, home, openDialog,
controllers, realFrameElement, MozSelfSupport, _content, Symbol,
WeakSet, HTMLPictureElement, AnimationEffect, PerformanceMeasure,
PluginCrashedEvent, MenuBoxObject, ScrollViewChangeEvent,
SelectionStateChangedEvent, DOMMatrixReadOnly, DOMMatrix,
PopupBoxObject, AnimationTimeline, PerformanceMark, DOMApplication,
IDBMutableFile, StereoPannerNode, CameraDetectedFace,
CameraStateChangeEvent, CSSCounterStyleRule, CameraRecorderVideoProfile,
CameraRecorderProfile, CameraRecorderProfiles, AnonymousContent,
NamedNodeMap, DOMApplicationsManager, ContentProcessMessageManager,
CameraConfigurationEvent, HTMLAllCollection, PromiseDebugging,
SubtleCrypto, Animation, CameraRecorderAudioProfile, RadioNodeList,
WindowRoot, CameraClosedEvent, CryptoKey, CameraFacesDetectedEvent,
MozSettingsTransactionEvent, IDBFileRequest, BroadcastChannel,
MessageChannel, AnimationPlayer
```
Some of those should have been disabled by various prefs we have set (in particular PerformanceMeasure, PerformanceMark, and the IDB objects). We should look into that. Hopefully they are just empty placeholders. Also, the camera stuff should have been compiled out and also disabled via the peerconnection prefs, I thought.https://gitlab.torproject.org/legacy/trac/-/issues/15770Write tests for security.nocertdb fixes2020-06-13T17:40:37ZGeorg KoppenWrite tests for security.nocertdb fixes#12998 broke quite some things for our users (see #13254 and #14716 for examples). We should make sure, now that #14716 landed, that we detect these kind of things earlier by writing respective tests.#12998 broke quite some things for our users (see #13254 and #14716 for examples). We should make sure, now that #14716 landed, that we detect these kind of things earlier by writing respective tests.cypherpunkscypherpunkshttps://gitlab.torproject.org/legacy/trac/-/issues/15511Add a test for the SVG disable preference2020-06-13T17:40:36ZboklmAdd a test for the SVG disable preferenceWe need a test to check that the preference to disable SVG introduced in #12827 is working.
mcs posted on ticket #12827 an html page that has various scenarios for loading SVG content.We need a test to check that the preference to disable SVG introduced in #12827 is working.
mcs posted on ticket #12827 an html page that has various scenarios for loading SVG content.https://gitlab.torproject.org/legacy/trac/-/issues/13676Run unit tests on rebased tor-browser patches2020-06-13T17:40:33ZboklmRun unit tests on rebased tor-browser patchesAfter rebasing our patches on gecko-dev master (#13675), we should build the tree and run the unit tests.
We should compare the results with the previous day, and send an email highlighting the new failing tests if any.After rebasing our patches on gecko-dev master (#13675), we should build the tree and run the unit tests.
We should compare the results with the previous day, and send an email highlighting the new failing tests if any.https://gitlab.torproject.org/legacy/trac/-/issues/13675Automatically try to rebase tor-browser patches on gecko-dev master2020-06-13T17:40:32ZboklmAutomatically try to rebase tor-browser patches on gecko-dev masterWe should automatically rebase our patches on gecko-dev master branch every night, and have a list of the commits which cannot be automatically rebased.We should automatically rebase our patches on gecko-dev master branch every night, and have a list of the commits which cannot be automatically rebased.https://gitlab.torproject.org/legacy/trac/-/issues/13180Use "dns-resolution-request" to check for possible DNS leaks.2020-06-15T23:20:26ZGeorg KoppenUse "dns-resolution-request" to check for possible DNS leaks.https://bugzilla.mozilla.org/show_bug.cgi?id=971153 gives us the option to write DNS proxy bypass tests for whatever protocol in the browser we think it worth writing those tests. We should do that as part of our QA.https://bugzilla.mozilla.org/show_bug.cgi?id=971153 gives us the option to write DNS proxy bypass tests for whatever protocol in the browser we think it worth writing those tests. We should do that as part of our QA.