Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-06-13T17:40:07Zhttps://gitlab.torproject.org/legacy/trac/-/issues/5292Build a (manual) TBB test suite2020-06-13T17:40:07ZMike PerryBuild a (manual) TBB test suiteWe should assemble a representative set of test pages for TBB, as well as as keep a list of our own. The ultimate goal is to have this set be automated with something like https://developer.mozilla.org/en/Mochitest. But hey, you gotta st...We should assemble a representative set of test pages for TBB, as well as as keep a list of our own. The ultimate goal is to have this set be automated with something like https://developer.mozilla.org/en/Mochitest. But hey, you gotta start somewhere. A wiki page with links + step by step instructions and expected results should be a fine start.
We should make sure a link the page from
https://trac.torproject.org/projects/tor/wiki/doc/build/BuildSignoffhttps://gitlab.torproject.org/legacy/trac/-/issues/6585Automated testing framework for TBB2020-06-13T17:40:15ZMike PerryAutomated testing framework for TBBMozilla has like 13 automated testing frameworks for Firefox. We should write a wrapper script that calls them all, and also performs some additional integration tests that we write.
https://developer.mozilla.org/en/Mozilla_automated_te...Mozilla has like 13 automated testing frameworks for Firefox. We should write a wrapper script that calls them all, and also performs some additional integration tests that we write.
https://developer.mozilla.org/en/Mozilla_automated_testing
Ideally, we'd want to get this framework to the point where it can easily be run by volunteers on their obscure/rare OS+AV software combinations, so we can crowdsource that testing rather than keep an instance of everything in house. There might be some additional cleanup we need to do for this, though. It looks like the Mozilla frameworks are not easy for end users to run:
https://bugzilla.mozilla.org/show_bug.cgi?id=514067cypherpunkscypherpunkshttps://gitlab.torproject.org/legacy/trac/-/issues/7031test tbb build automation2020-06-13T17:40:16ZAndrew Lewmantest tbb build automationmake sure when main tbb updates, the custom tbb's also update.make sure when main tbb updates, the custom tbb's also update.cypherpunkscypherpunkshttps://gitlab.torproject.org/legacy/trac/-/issues/11024Have a TBB test suite2020-06-13T17:40:18ZboklmHave a TBB test suiteWe need a test suite to check that the main features of the Tor Bundle
Browser are working as expected.We need a test suite to check that the main features of the Tor Bundle
Browser are working as expected.https://gitlab.torproject.org/legacy/trac/-/issues/11031TBB Test suite: check that the noscript extension is functional2020-06-13T17:40:20ZboklmTBB Test suite: check that the noscript extension is functionalThe TBB test suite needs a test to check that the noscript extension is functional.The TBB test suite needs a test to check that the noscript extension is functional.https://gitlab.torproject.org/legacy/trac/-/issues/11032TBB Test suite: check that the new identity button works2020-06-13T17:40:20ZboklmTBB Test suite: check that the new identity button worksThe TBB test suite needs a test that check that clicking on the new identity button removes cookies.The TBB test suite needs a test that check that clicking on the new identity button removes cookies.https://gitlab.torproject.org/legacy/trac/-/issues/11033TBB Test suite: check that the tor browser supports WebSockets2020-06-13T17:40:21ZboklmTBB Test suite: check that the tor browser supports WebSocketsThe TBB test suite needs a test to check that the tor browser supports WebSockets.
Phoul has made a web page that we can use to check that:
http://phoul.github.io/The TBB test suite needs a test to check that the tor browser supports WebSockets.
Phoul has made a web page that we can use to check that:
http://phoul.github.io/https://gitlab.torproject.org/legacy/trac/-/issues/11034TBB Test suite: check that we can visit .onion web sites2020-06-13T17:40:21ZboklmTBB Test suite: check that we can visit .onion web sitesThe TBB test suite needs a test to check that we can visit *.onion web sites.The TBB test suite needs a test to check that we can visit *.onion web sites.https://gitlab.torproject.org/legacy/trac/-/issues/11035TBB Test suite: check browser localization2020-06-13T17:40:21ZboklmTBB Test suite: check browser localizationThe TBB test suite needs a test to check that the menus are not in english in the localized versions of the bundle.The TBB test suite needs a test to check that the menus are not in english in the localized versions of the bundle.https://gitlab.torproject.org/legacy/trac/-/issues/11037TBB Test suite: remanence checks2020-06-13T17:40:22ZboklmTBB Test suite: remanence checksThe TBB test suite needs a test to check that browsing history is not stored on disk after closing the browser.The TBB test suite needs a test to check that browsing history is not stored on disk after closing the browser.https://gitlab.torproject.org/legacy/trac/-/issues/11038TBB Test suite: Fingerprint test2020-06-13T17:40:22ZboklmTBB Test suite: Fingerprint testThe TBB test suite needs a test to check the fingerprintability of the tor browser.
To do that we need something similar to https://panopticlick.eff.org/
but which outputs results in json or other machine readable format.The TBB test suite needs a test to check the fingerprintability of the tor browser.
To do that we need something similar to https://panopticlick.eff.org/
but which outputs results in json or other machine readable format.https://gitlab.torproject.org/legacy/trac/-/issues/11083TBB Test suite: check that tor-launcher is working2020-06-13T17:40:23ZboklmTBB Test suite: check that tor-launcher is workingThe TBB Test suite should use tor-launcher to run tor.The TBB Test suite should use tor-launcher to run tor.https://gitlab.torproject.org/legacy/trac/-/issues/11508Test that about:tor page is properly loaded2020-06-13T17:40:24ZGeorg KoppenTest that about:tor page is properly loadedDuring the last beta release we realized that some translators translate "about:tor" which breaks it. We should write a test that checks this crucial page is working in built bundles.During the last beta release we realized that some translators translate "about:tor" which breaks it. We should write a test that checks this crucial page is working in built bundles.https://gitlab.torproject.org/legacy/trac/-/issues/11509Make sure search engine strings are not translated2020-06-13T17:40:25ZGeorg KoppenMake sure search engine strings are not translatedBug #11236 is caused by translated search engine strings. We should make sure those strings are not translated.Bug #11236 is caused by translated search engine strings. We should make sure those strings are not translated.https://gitlab.torproject.org/legacy/trac/-/issues/11602Make sure HTTPS-Everywhere ships with rules2020-06-13T17:40:25ZGeorg KoppenMake sure HTTPS-Everywhere ships with rulesWhile fixing #11556 I realized that our build scripts are not failing when assembling the HTTPS-Everywhere rules breaks. No rules are shipped in our TBBs in this case. We should therefore make sure this issue is detected via our test sui...While fixing #11556 I realized that our build scripts are not failing when assembling the HTTPS-Everywhere rules breaks. No rules are shipped in our TBBs in this case. We should therefore make sure this issue is detected via our test suite(s).https://gitlab.torproject.org/legacy/trac/-/issues/12479The testsuite should check that all binaries are stripped2020-06-13T17:40:28ZboklmThe testsuite should check that all binaries are strippedTo detect tickets like #12387, the testsuite should check that all binaries included in the bundle are stripped.To detect tickets like #12387, the testsuite should check that all binaries included in the bundle are stripped.https://gitlab.torproject.org/legacy/trac/-/issues/13094Recursive DOM Objects enumeration test2020-06-13T17:40:32ZboklmRecursive DOM Objects enumeration testWe have a mozmil test which enumerates DOM objects:
https://gitweb.torproject.org/boklm/tor-browser-bundle-testsuite.git/blob/HEAD:/mozmill-tests/tbb-tests/dom-objects-enumeration.js
We should convert that to a mochitest test included i...We have a mozmil test which enumerates DOM objects:
https://gitweb.torproject.org/boklm/tor-browser-bundle-testsuite.git/blob/HEAD:/mozmill-tests/tbb-tests/dom-objects-enumeration.js
We should convert that to a mochitest test included in the browser sources tree, and do it recursively.
arthuredelstein has the beginning of a recursive version:
https://github.com/arthuredelstein/fingerprint/blob/master/fingerprint.jshttps://gitlab.torproject.org/legacy/trac/-/issues/13180Use "dns-resolution-request" to check for possible DNS leaks.2020-06-15T23:20:26ZGeorg KoppenUse "dns-resolution-request" to check for possible DNS leaks.https://bugzilla.mozilla.org/show_bug.cgi?id=971153 gives us the option to write DNS proxy bypass tests for whatever protocol in the browser we think it worth writing those tests. We should do that as part of our QA.https://bugzilla.mozilla.org/show_bug.cgi?id=971153 gives us the option to write DNS proxy bypass tests for whatever protocol in the browser we think it worth writing those tests. We should do that as part of our QA.https://gitlab.torproject.org/legacy/trac/-/issues/13675Automatically try to rebase tor-browser patches on gecko-dev master2020-06-13T17:40:32ZboklmAutomatically try to rebase tor-browser patches on gecko-dev masterWe should automatically rebase our patches on gecko-dev master branch every night, and have a list of the commits which cannot be automatically rebased.We should automatically rebase our patches on gecko-dev master branch every night, and have a list of the commits which cannot be automatically rebased.https://gitlab.torproject.org/legacy/trac/-/issues/13676Run unit tests on rebased tor-browser patches2020-06-13T17:40:33ZboklmRun unit tests on rebased tor-browser patchesAfter rebasing our patches on gecko-dev master (#13675), we should build the tree and run the unit tests.
We should compare the results with the previous day, and send an email highlighting the new failing tests if any.After rebasing our patches on gecko-dev master (#13675), we should build the tree and run the unit tests.
We should compare the results with the previous day, and send an email highlighting the new failing tests if any.https://gitlab.torproject.org/legacy/trac/-/issues/15511Add a test for the SVG disable preference2020-06-13T17:40:36ZboklmAdd a test for the SVG disable preferenceWe need a test to check that the preference to disable SVG introduced in #12827 is working.
mcs posted on ticket #12827 an html page that has various scenarios for loading SVG content.We need a test to check that the preference to disable SVG introduced in #12827 is working.
mcs posted on ticket #12827 an html page that has various scenarios for loading SVG content.https://gitlab.torproject.org/legacy/trac/-/issues/15770Write tests for security.nocertdb fixes2020-06-13T17:40:37ZGeorg KoppenWrite tests for security.nocertdb fixes#12998 broke quite some things for our users (see #13254 and #14716 for examples). We should make sure, now that #14716 landed, that we detect these kind of things earlier by writing respective tests.#12998 broke quite some things for our users (see #13254 and #14716 for examples). We should make sure, now that #14716 landed, that we detect these kind of things earlier by writing respective tests.cypherpunkscypherpunkshttps://gitlab.torproject.org/legacy/trac/-/issues/16757Verify that new DOM properties are really disabled2020-06-13T17:40:40ZMike PerryVerify that new DOM properties are really disabledIn https://lists.torproject.org/pipermail/tor-qa/2015-August/000667.html, boklm notes:
```
We have the following DOM objects that were not present in esr31:
onlanguagechange, mozRequestOverfill, back, forward, home, openDialog,
control...In https://lists.torproject.org/pipermail/tor-qa/2015-August/000667.html, boklm notes:
```
We have the following DOM objects that were not present in esr31:
onlanguagechange, mozRequestOverfill, back, forward, home, openDialog,
controllers, realFrameElement, MozSelfSupport, _content, Symbol,
WeakSet, HTMLPictureElement, AnimationEffect, PerformanceMeasure,
PluginCrashedEvent, MenuBoxObject, ScrollViewChangeEvent,
SelectionStateChangedEvent, DOMMatrixReadOnly, DOMMatrix,
PopupBoxObject, AnimationTimeline, PerformanceMark, DOMApplication,
IDBMutableFile, StereoPannerNode, CameraDetectedFace,
CameraStateChangeEvent, CSSCounterStyleRule, CameraRecorderVideoProfile,
CameraRecorderProfile, CameraRecorderProfiles, AnonymousContent,
NamedNodeMap, DOMApplicationsManager, ContentProcessMessageManager,
CameraConfigurationEvent, HTMLAllCollection, PromiseDebugging,
SubtleCrypto, Animation, CameraRecorderAudioProfile, RadioNodeList,
WindowRoot, CameraClosedEvent, CryptoKey, CameraFacesDetectedEvent,
MozSettingsTransactionEvent, IDBFileRequest, BroadcastChannel,
MessageChannel, AnimationPlayer
```
Some of those should have been disabled by various prefs we have set (in particular PerformanceMeasure, PerformanceMark, and the IDB objects). We should look into that. Hopefully they are just empty placeholders. Also, the camera stuff should have been compiled out and also disabled via the peerconnection prefs, I thought.https://gitlab.torproject.org/legacy/trac/-/issues/16758We need a dom-objects-enumeration test for Workers and SharedWorkers2020-06-13T17:40:40ZboklmWe need a dom-objects-enumeration test for Workers and SharedWorkersWe have a test that enumerates dom objects available in the global scope.
We need the same test in the Workers and SharedWorkers scopes.We have a test that enumerates dom objects available in the global scope.
We need the same test in the Workers and SharedWorkers scopes.https://gitlab.torproject.org/legacy/trac/-/issues/16888Regression tests for Bug #2950 (Make Permissions Manager memory-only) never f...2020-06-15T23:29:03ZboklmRegression tests for Bug #2950 (Make Permissions Manager memory-only) never failsThe regression test for bug #2950 does not fail when used on 38.2.0esr without patch:
https://treeherder.mozilla.org/#/jobs?repo=try&revision=a81cdc18350bThe regression test for bug #2950 does not fail when used on 38.2.0esr without patch:
https://treeherder.mozilla.org/#/jobs?repo=try&revision=a81cdc18350bhttps://gitlab.torproject.org/legacy/trac/-/issues/17662Have a test to check that Tor Browser updater is working2020-06-13T17:40:44ZboklmHave a test to check that Tor Browser updater is workingWe should have a test to check that the Tor Browser updater is not broken and will be able to update the browser to futur releases when they are available. This test would help when making updater changes such as #17442.
Mozilla has som...We should have a test to check that the Tor Browser updater is not broken and will be able to update the browser to futur releases when they are available. This test would help when making updater changes such as #17442.
Mozilla has some marionette tests that we can use for that:
https://github.com/mozilla/firefox-ui-tests/blob/mozilla-central/firefox_ui_tests/update/direct/test_direct_update.py
https://github.com/mozilla/firefox-ui-tests/blob/mozilla-central/firefox_ui_tests/update/fallback/test_fallback_update.py
Those tests take as arguments a channel name, a target version (the expected version after the update is installed), a target buildid.
Mozilla QA team is posting on their wiki the config file they use when testing each new release:
https://wiki.mozilla.org/QA/Desktop_Firefox/Releases/Configs/Fx42RC2
Using this config they are testing that previous releases can be updated to the new release, but I could not find tests to check if the new release has a working updater that will be able to update to a futur release.
To be able to check that the updater can update to an other release, I think we could create a "test-updater" channel, which provides a signed mar file with a large version number, so that the updater always accept this update. However the problem would be that an adversary can use this mar file to update users to an old browser. Maybe we can include a non-working browser in the mar file to avoid this, but this is still not very good.
An alternative could be to have a "test-updater" channel which provides an old version, and patch our updater to have a preference that allows downgrades. We can then set this preference when testing the updater on this channel.https://gitlab.torproject.org/legacy/trac/-/issues/17809tbb-tests/browser_tor_TB4.js is out-of-date2020-06-15T23:31:47ZMark Smithtbb-tests/browser_tor_TB4.js is out-of-dateWhile working on #16441, Kathy and I noticed that tbb-tests/browser_tor_TB4.js needs quite a few updates.
Do we run these tests automatically?
Does someone want to update them? We noticed test failures for the following prefs:
app.upda...While working on #16441, Kathy and I noticed that tbb-tests/browser_tor_TB4.js needs quite a few updates.
Do we run these tests automatically?
Does someone want to update them? We noticed test failures for the following prefs:
app.update.auto
browser.startup.homepage_override.mstone
startup.homepage_override_url
general.useragent.override
security.disable_session_identifiers should be security.ssl.disable_session_identifiers
network.http.keep-alive.timeout
(or something else is happening that I do not understand)
There are also some prefs whose values seem to be overridden by the mochitest framework:
media.cache_size
geo.wifi.uri
network.proxy.typehttps://gitlab.torproject.org/legacy/trac/-/issues/19670Regression test for blocking of Components.interfaces fails2020-06-15T23:36:41ZGeorg KoppenRegression test for blocking of Components.interfaces failsThe regression test for #2874 fails with
```
382 INFO TEST-UNEXPECTED-FAIL |
js/xpconnect/tests/chrome/test_bug795275.xul | uncaught exception -
TypeError: div.testMethod is not a function at
http://mochi.test:8888/tests/js/xpconnect/...The regression test for #2874 fails with
```
382 INFO TEST-UNEXPECTED-FAIL |
js/xpconnect/tests/chrome/test_bug795275.xul | uncaught exception -
TypeError: div.testMethod is not a function at
http://mochi.test:8888/tests/js/xpconnect/tests/mochitest/file_bug795275.html:20
```https://gitlab.torproject.org/legacy/trac/-/issues/20018Add support for running tests using schroot in the Tor Browser test suite2020-06-13T17:40:51ZboklmAdd support for running tests using schroot in the Tor Browser test suiteI have access to `build-x86-04.torproject.org` which can be used with schroot. We need to add support to the test suite for using schroot to run the Tor Browser tests, using different Debian and Ubuntu distributions.
Informations about ...I have access to `build-x86-04.torproject.org` which can be used with schroot. We need to add support to the test suite for using schroot to run the Tor Browser tests, using different Debian and Ubuntu distributions.
Informations about using schroot can be found on this page:
https://dsa.debian.org/doc/schroot/https://gitlab.torproject.org/legacy/trac/-/issues/20187Add a test to check that Referrer spoofing on .onions domains is working2020-06-13T17:40:52ZboklmAdd a test to check that Referrer spoofing on .onions domains is workingOur test suite should have a test to check that the referrer spoofing for .onions domains implemented in #17334 is working as expected.Our test suite should have a test to check that the referrer spoofing for .onions domains implemented in #17334 is working as expected.https://gitlab.torproject.org/legacy/trac/-/issues/20443Tor Browser testsuite bundle improvements2020-06-13T17:40:52ZboklmTor Browser testsuite bundle improvementsWe have ticket #19067 about creating a Tor Browser testsuite bundle, containing the testsuite and its dependencies.
This ticket is tracking improvements on this testsuite bundle.We have ticket #19067 about creating a Tor Browser testsuite bundle, containing the testsuite and its dependencies.
This ticket is tracking improvements on this testsuite bundle.https://gitlab.torproject.org/legacy/trac/-/issues/20444Making the testsuite bundle build reproducible2020-06-13T17:40:52ZboklmMaking the testsuite bundle build reproducibleIn the `packages/` directory from the Tor Browser testsuite, we have tools to build a bundle containing the testsuite and its dependencies. We should make the build of this bundle deterministic.In the `packages/` directory from the Tor Browser testsuite, we have tools to build a bundle containing the testsuite and its dependencies. We should make the build of this bundle deterministic.https://gitlab.torproject.org/legacy/trac/-/issues/20445Make it easy to update the Tor Browser testsuite bundle2020-06-13T17:40:53ZboklmMake it easy to update the Tor Browser testsuite bundleIn the testsuite bundle, we have an `update-tbb-testsuite` script which is fetching and checking out the latest git commit, after verifying its signature. If a new bundle containing new dependencies is required to run the testsuite, a me...In the testsuite bundle, we have an `update-tbb-testsuite` script which is fetching and checking out the latest git commit, after verifying its signature. If a new bundle containing new dependencies is required to run the testsuite, a message is displayed asking the user to download the new bundle.
We should automate the download of the new bundle, signature verification and installation.https://gitlab.torproject.org/legacy/trac/-/issues/20446Add a GUI to the Tor Browser testsuite2020-06-13T17:40:53ZboklmAdd a GUI to the Tor Browser testsuiteWe have a Tor Browser testsuite bundle containing the command line scripts `start-tbb-testsuite` and `update-tbb-testsuite` to run and update the testsuite.
We should make a small GUI to make it easier to start the testsuite, show the r...We have a Tor Browser testsuite bundle containing the command line scripts `start-tbb-testsuite` and `update-tbb-testsuite` to run and update the testsuite.
We should make a small GUI to make it easier to start the testsuite, show the results, and update it.https://gitlab.torproject.org/legacy/trac/-/issues/21248Write security slider tests for javascript: URLs2020-06-13T17:40:54ZGeorg KoppenWrite security slider tests for javascript: URLsGiorgio fixed the `javascript` behavior on the medium level for us (in NoScript 2.9.5.3). We should include tests in our test suite to check that:
1) `javascript:` URIs on websites loaded over HTTPS work
2) `javascript:` URIs embedded o...Giorgio fixed the `javascript` behavior on the medium level for us (in NoScript 2.9.5.3). We should include tests in our test suite to check that:
1) `javascript:` URIs on websites loaded over HTTPS work
2) `javascript:` URIs embedded on websites loaded over HTTP do not work.https://gitlab.torproject.org/legacy/trac/-/issues/21404Run the Tor Browser testsuite on rbm based nightly builds2020-06-13T17:40:56ZboklmRun the Tor Browser testsuite on rbm based nightly buildsIn #21286 some nightly builds have been added. We should run the testsuite on those nightly builds.In #21286 some nightly builds have been added. We should run the testsuite on those nightly builds.https://gitlab.torproject.org/legacy/trac/-/issues/22058Provide better testing for Tor Browser not breaking important websites (Twitt...2020-06-15T23:43:26ZGeorg KoppenProvide better testing for Tor Browser not breaking important websites (Twitter/Github etc.)We recently had to deal with Twitter being hardly usable for Tor Browser users due to a bug in our code (see #16450 and #21555). We might want to have some tests informing us as early as possible if such a breakage happens. Selenium migh...We recently had to deal with Twitter being hardly usable for Tor Browser users due to a bug in our code (see #16450 and #21555). We might want to have some tests informing us as early as possible if such a breakage happens. Selenium might be a good tool for writing such tests, maybe Marionette as well.cypherpunkscypherpunkshttps://gitlab.torproject.org/legacy/trac/-/issues/22809Tor Browser does not provide red security warning for downloading executable ...2020-06-15T23:45:26ZnaifTor Browser does not provide red security warning for downloading executable in HTTPThis ticket is to enhance Tor Browser that today does not provide red security warning for downloading executable in HTTP in clear text that can be easy subject to MITM attacks.
Actually there's a ticket sitting on Mozilla Firefox to im...This ticket is to enhance Tor Browser that today does not provide red security warning for downloading executable in HTTP in clear text that can be easy subject to MITM attacks.
Actually there's a ticket sitting on Mozilla Firefox to implement exactly that https://bugzilla.mozilla.org/show_bug.cgi?id=1303739 .
The very same should apply for mixed content where from an HTTPS website there's download of executable from an HTTP resource.
Attached the standard warning provided by Firefox that does not explain to the end-user how risky is the download of an executable over HTTP in clear.https://gitlab.torproject.org/legacy/trac/-/issues/22854Fix the setup of the Tor Browser testsuite on our Windows test server2020-06-13T17:41:01ZboklmFix the setup of the Tor Browser testsuite on our Windows test serverThe testsuite is currently broken on our Windows test server (at least for the marionette tests), so we need to fix its setup.The testsuite is currently broken on our Windows test server (at least for the marionette tests), so we need to fix its setup.https://gitlab.torproject.org/legacy/trac/-/issues/23238Using Application Verifier Within Your Software Development Lifecycle2020-06-13T17:41:02ZcypherpunksUsing Application Verifier Within Your Software Development LifecycleAppVerifier assists in finding subtle programming errors, security issues, and user account privilege problems that can be difficult to identify during a typical test pass.
https://msdn.microsoft.com/en-us/library/aa480483.aspx
Mozilla ...AppVerifier assists in finding subtle programming errors, security issues, and user account privilege problems that can be difficult to identify during a typical test pass.
https://msdn.microsoft.com/en-us/library/aa480483.aspx
Mozilla ignored it for 12 years! https://bugzilla.mozilla.org/show_bug.cgi?id=244805
But it doesn't mean they had no bugs! https://bugzilla.mozilla.org/show_bug.cgi?id=1289994
Old version download page https://www.microsoft.com/en-us/download/details.aspx?id=20028
Current state https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/application-verifierhttps://gitlab.torproject.org/legacy/trac/-/issues/23386Run Tor Browser testsuite on our Windows QA machine2020-06-13T17:41:03ZboklmRun Tor Browser testsuite on our Windows QA machineWith #23315 we now have a new VM for Windows QA. We need to set up the testuite on this machine to run it on new releases and nightly builds.With #23315 we now have a new VM for Windows QA. We need to set up the testuite on this machine to run it on new releases and nightly builds.https://gitlab.torproject.org/legacy/trac/-/issues/23600Make sure the Windows DLL blocklist is loaded2020-06-13T17:41:03ZGeorg KoppenMake sure the Windows DLL blocklist is loadedWe activated the DLL blocklisting feature for our Windows builds in #23582 and should write a test for our Q&A infra making sure this is enabled in our release builds.We activated the DLL blocklisting feature for our Windows builds in #23582 and should write a test for our Q&A infra making sure this is enabled in our release builds.cypherpunkscypherpunkshttps://gitlab.torproject.org/legacy/trac/-/issues/25660Remove "New Private Window" option from Tor Browser or make it a separate ses...2020-06-16T00:45:02ZstephwRemove "New Private Window" option from Tor Browser or make it a separate sessionIt doesn't do anything that I can tell. If it does, we should have more of an explanation to set user expectation.
For instance, I thought perhaps when I was logged into Twitter in another tab, it might isolate a separate session, but i...It doesn't do anything that I can tell. If it does, we should have more of an explanation to set user expectation.
For instance, I thought perhaps when I was logged into Twitter in another tab, it might isolate a separate session, but it does not. If I go to twitter.com in a "New Private Window", I am still logged into the same account.https://gitlab.torproject.org/legacy/trac/-/issues/26149Add some ansible roles for tor browser testsuite setup2020-06-13T17:41:07ZboklmAdd some ansible roles for tor browser testsuite setupWe should add to `tor-browser-build/tools/ansible` some ansible roles to setup VMs for running the tor browser testsuite.We should add to `tor-browser-build/tools/ansible` some ansible roles to setup VMs for running the tor browser testsuite.https://gitlab.torproject.org/legacy/trac/-/issues/26314Create "Learn More" Landing Page for TBA2020-06-13T17:26:34ZMatthew FinkelCreate "Learn More" Landing Page for TBAWhen TBA is first launched there is a "Learn More" link the user can click. We should take advantage of this and create a useful webpage where the user can learn more. (Orfox currently has this, too, and the link goes to [[Guardian Proje...When TBA is first launched there is a "Learn More" link the user can click. We should take advantage of this and create a useful webpage where the user can learn more. (Orfox currently has this, too, and the link goes to [[Guardian Project's Orfox page](https://guardianproject.info/apps/orfox|the)].https://gitlab.torproject.org/legacy/trac/-/issues/26917Update QA and Testing content on our HACKING document2020-06-16T00:48:39ZGeorg KoppenUpdate QA and Testing content on our HACKING documentOur QA and Testing content on our HACKING page needs some update.Our QA and Testing content on our HACKING page needs some update.https://gitlab.torproject.org/legacy/trac/-/issues/27120tbb-testsuite: marionette tests are failing when using strace2020-06-13T17:41:12Zboklmtbb-testsuite: marionette tests are failing when using straceIn the marionette tests that we run from the testsuite, we are running the browser with strace in order to check the system calls and detect possible files created outside the browser directory, and direct network connections.
When runn...In the marionette tests that we run from the testsuite, we are running the browser with strace in order to check the system calls and detect possible files created outside the browser directory, and direct network connections.
When running the testsuite on an esr60 based Tor Browser, the browser window does not open and an strace process takes a lot of cpu, until we get the following timeout error:
```
Using workspace for temporary data: "/home/user/tbb-testsuite/reports/r/FmdSZphWEU/results-tor-browser-linux64-8.0a9_es-ES.tar.xz/slider_settings_1_ws"
mozversion application_buildid: 20180204020101
mozversion application_display_name: Tor Browser
mozversion application_id: {ec8030f7-c20a-464f-9b0e-13a3a9e97384}
mozversion application_name: Firefox
mozversion application_remotingname: firefox
mozversion application_vendor: Mozilla
mozversion application_version: 60.1.0
mozversion platform_buildid: 20180204020101
mozversion platform_version: 60.1.0
Application command: /home/user/tbb-testsuite/tmp/_VycbfqfU2/tor-browser_es-ES/Browser/ff_slider_settings_1 -no-remote -marionette -profile /home/user/tbb-testsuite/reports/r/FmdSZphWEU/results-tor-browser-linux64-8.0a9_es-ES.tar.xz/slider_settings_1_ws/profile.default-1534170518
2:00.17 LOG: MainThread ERROR Failure during harness execution
Traceback (most recent call last):
File "/home/user/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_harness-4.3.0-py2.7.egg/marionette_harness/runtests.py", line 92, in cli
failed = harness_instance.run()
File "/home/user/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_harness-4.3.0-py2.7.egg/marionette_harness/runtests.py", line 72, in run
runner.run_tests(tests)
File "/home/user/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_harness-4.3.0-py2.7.egg/marionette_harness/runner/base.py", line 837, in run_tests
self.marionette = self.driverclass(**self._build_kwargs())
File "/home/user/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 621, in __init__
self.start_binary(self.startup_timeout)
File "/home/user/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 633, in start_binary
self.raise_for_port(timeout=timeout)
File "/home/user/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 710, in raise_for_port
self.host, self.port))
IOError: Process killed after 120s because no connection to Marionette server could be established. Check gecko.log for errors
```
Disabling the use of strace is fixing the issue.https://gitlab.torproject.org/legacy/trac/-/issues/27137tbb-testsuite: fix the navigation-timing, performance-observer, resource-timi...2020-06-13T17:41:14Zboklmtbb-testsuite: fix the navigation-timing, performance-observer, resource-timing, user-timing testsThe navigation-timing test is currently failing with the following error:
```
test_navigation-timing.py test_navigation-timing.Test.test_navigation_timing
SUITE-END | took 0s
Using workspace for temporary data: "/home/user/tbb-testsuite/...The navigation-timing test is currently failing with the following error:
```
test_navigation-timing.py test_navigation-timing.Test.test_navigation_timing
SUITE-END | took 0s
Using workspace for temporary data: "/home/user/tbb-testsuite/reports/r/aXFkPjw0CG/results-tor-browser-linux64-8.0a9_es-ES.tar.xz/navigation-timing_ws"
mozversion application_buildid: 20180204020101
mozversion application_display_name: Tor Browser
mozversion application_id: {ec8030f7-c20a-464f-9b0e-13a3a9e97384}
mozversion application_name: Firefox
mozversion application_remotingname: firefox
mozversion application_vendor: Mozilla
mozversion application_version: 60.1.0
mozversion platform_buildid: 20180204020101
mozversion platform_version: 60.1.0
Application command: /home/user/tbb-testsuite/tmp/w2gSJZPwUj/tor-browser_es-ES/Browser/ff_wrapper -no-remote -marionette -profile /home/user/tbb-testsuite/reports/r/aXFkPjw0CG/results-tor-browser-linux64-8.0a9_es-ES.tar.xz/navigation-timing_ws/profile.default-1534249749
Profile path is /home/user/tbb-testsuite/reports/r/aXFkPjw0CG/results-tor-browser-linux64-8.0a9_es-ES.tar.xz/navigation-timing_ws/profile.default-1534249749
Starting fixture servers
Fixture server listening on http://127.0.0.1:35413/
Fixture server listening on https://127.0.0.1:32829/
e10s is enabled
mozversion application_buildid: 20180204020101
mozversion application_display_name: Tor Browser
mozversion application_id: {ec8030f7-c20a-464f-9b0e-13a3a9e97384}
mozversion application_name: Firefox
mozversion application_remotingname: firefox
mozversion application_vendor: Mozilla
mozversion application_version: 60.1.0
mozversion platform_buildid: 20180204020101
mozversion platform_version: 60.1.0
SUITE-START | Running 1 tests
TEST-START | test_navigation-timing.py Test.test_navigation_timing
Failed to gather test failure debug:
stacktrace:
WebDriverError@chrome://marionette/content/error.js:178:5
UnexpectedAlertOpenError@chrome://marionette/content/error.js:507:5
assert.that/<@chrome://marionette/content/assert.js:405:13
assert.noUserPrompt@chrome://marionette/content/assert.js:178:3
GeckoDriver.prototype._assertAndDismissModal@chrome://marionette/content/driver.js:3203:5
GeckoDriver.prototype.getPageSource@chrome://marionette/content/driver.js:1154:3
despatch@chrome://marionette/content/server.js:293:20
execute@chrome://marionette/content/server.js:267:11
onPacket/<@chrome://marionette/content/server.js:242:15
onPacket@chrome://marionette/content/server.js:241:8
_onJSONObjectReady/<@chrome://marionette/content/transport.js:500:9
openModalWindow@jar:file:///home/user/tbb-testsuite/tmp/w2gSJZPwUj/tor-browser_es-ES/Browser/omni.ja!/components/nsPrompter.js:353:5
openPrompt@jar:file:///home/user/tbb-testsuite/tmp/w2gSJZPwUj/tor-browser_es-ES/Browser/omni.ja!/components/nsPrompter.js:563:9
confirmEx@jar:file:///home/user/tbb-testsuite/tmp/w2gSJZPwUj/tor-browser_es-ES/Browser/omni.ja!/components/nsPrompter.js:704:9
confirmEx@jar:file:///home/user/tbb-testsuite/tmp/w2gSJZPwUj/tor-browser_es-ES/Browser/omni.ja!/components/nsPrompter.js:74:16
_promptForLanguagePreference@resource://gre/modules/LanguagePrompt.jsm:177:20
_handleHttpOnModifyRequest@resource://gre/modules/LanguagePrompt.jsm:156:5
observe@resource://gre/modules/LanguagePrompt.jsm:47:9
TEST-UNEXPECTED-FAIL | test_navigation-timing.py Test.test_navigation_timing | AssertionError: secureConnectionStart != None
Traceback (most recent call last):
File "/home/user/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_harness-4.3.0-py2.7.egg/marionette_harness/marionette_test/testcases.py", line 156, in run
testMethod()
File "/home/user/tbb-testsuite/marionette/tor_browser_tests/test_navigation-timing.py", line 52, in test_navigation_timing
script_args=[name, val]), msg=err_msg)
TEST-INFO took 451ms
SUMMARY
-------
passed: 0
failed: 1
todo: 0
FAILED TESTS
-------
test_navigation-timing.py test_navigation-timing.Test.test_navigation_timing
SUITE-END | took 0s
```https://gitlab.torproject.org/legacy/trac/-/issues/27987Add setting for enabling/disabling flag_secure in Android browser2020-06-16T00:51:55ZTracAdd setting for enabling/disabling flag_secure in Android browserI believe it's set by default and there's no way to disable it. Problem is it blocks things like being able to take screenshots, be nice if I could just decide if I want flag_secure enabled or not via a setting rather than have to have a...I believe it's set by default and there's no way to disable it. Problem is it blocks things like being able to take screenshots, be nice if I could just decide if I want flag_secure enabled or not via a setting rather than have to have a different browser on my device that doesn't use it.
**Trac**:
**Username**: carbuncleohttps://gitlab.torproject.org/legacy/trac/-/issues/28381Oreo adaptive icon shape2020-06-16T00:52:51ZTracOreo adaptive icon shapePlease add support for icon shape
https://developer.android.com/guide/practices/ui_guidelines/icon_design_adaptive
https://material.io/guidelines/style/icons.html
**Trac**:
**Username**: cepxuoPlease add support for icon shape
https://developer.android.com/guide/practices/ui_guidelines/icon_design_adaptive
https://material.io/guidelines/style/icons.html
**Trac**:
**Username**: cepxuohttps://gitlab.torproject.org/legacy/trac/-/issues/28520tbb-testsuite: fix the tor_bridge test2020-06-16T01:00:54Zboklmtbb-testsuite: fix the tor_bridge testWe are currently the bridge `83.212.101.3:6666` to test tor using a bridge.
However, we are getting a timeout error when using this bridge:
http://xer3kgd5ygqr7n6i.onion/r/tbb-nightly-2018-11-18-Debian9.5-x86_64/tor-browser-linux64-tbb-...We are currently the bridge `83.212.101.3:6666` to test tor using a bridge.
However, we are getting a timeout error when using this bridge:
http://xer3kgd5ygqr7n6i.onion/r/tbb-nightly-2018-11-18-Debian9.5-x86_64/tor-browser-linux64-tbb-nightly_ar.tar.xz.html#tor_bridge
We should see if this bridge can be fixed, or if we should find an other bridge to use for this test.https://gitlab.torproject.org/legacy/trac/-/issues/28665tbb-testsuite: fix the fp_navigator test2020-06-13T17:41:17Zboklmtbb-testsuite: fix the fp_navigator testThe `fp_navigator` test is currently failing for non -en-US bundles with the following error:
```
AssertionError: Navigator property mismatch language [ar != en-US]
```The `fp_navigator` test is currently failing for non -en-US bundles with the following error:
```
AssertionError: Navigator property mismatch language [ar != en-US]
```https://gitlab.torproject.org/legacy/trac/-/issues/28704Compile Tor and dependencies on our own for Android2022-09-01T23:00:14ZGeorg KoppenCompile Tor and dependencies on our own for AndroidCurrently we are building just Orbot in `tor-browser-build` and fetching the dependencies as we need them. We should at least build Tor and its dependencies on our own, integrating Android specific build logic into our projects we alread...Currently we are building just Orbot in `tor-browser-build` and fetching the dependencies as we need them. We should at least build Tor and its dependencies on our own, integrating Android specific build logic into our projects we already have (like OpenSSL, Libevent etc.).
This is the parent ticket for that task.Shane IsbellShane Isbellhttps://gitlab.torproject.org/legacy/trac/-/issues/28786Allow customizing Tor instance in Tor Browser on mobile2020-06-16T00:59:22ZTracAllow customizing Tor instance in Tor Browser on mobileCould you add an option to disable automatic startup of built-in Orbot in Tor Browser for Android?
I prefer do not use Orbot and use Termux's tor package instead.
**Trac**:
**Username**: dimquaCould you add an option to disable automatic startup of built-in Orbot in Tor Browser for Android?
I prefer do not use Orbot and use Termux's tor package instead.
**Trac**:
**Username**: dimquahttps://gitlab.torproject.org/legacy/trac/-/issues/28798tbb-testsuite: fix the svg-disable and svg-enable tests2020-06-13T17:41:17Zboklmtbb-testsuite: fix the svg-disable and svg-enable testsRunning the `svg-disable` test currently fails with the error:
```
Traceback (most recent call last):
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_harness-4.3.0-py2.7.eg...Running the `svg-disable` test currently fails with the error:
```
Traceback (most recent call last):
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_harness-4.3.0-py2.7.egg/marionette_harness/marionette_test/testcases.py", line 156, in run
testMethod()
File "/home/tbb-testsuite/tbb-testsuite/marionette/tor_browser_tests/test_svg.py", line 32, in test_svg
m.navigate("%s/img_src_url.html" % self.svg_dir)
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 1632, in navigate
self._send_message("get", {"url": url})
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/decorators.py", line 23, in _
return func(*args, **kwargs)
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 740, in _send_message
self._handle_error(err)
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 764, in _handle_error
raise errors.lookup(error)(message, stacktrace=stacktrace)
UnknownException: Reached error page: about:neterror?e=fileAccessDenied&u=file%3A///home/tbb-testsuite/tbb-testsuite/test-data/svg//img_src_url.html&c=UTF-8&f=regular&d=%D8%A7%D9%84%D9%85%D9%84%D9%81%20%D9%81%D9%8A%20/home/tbb-testsuite/tbb-testsuite/test-data/svg//img_src_url.html%20%D9%84%D9%8A%D8%B3%20%D9%85%D9%82%D8%B1%D9%88%D8%A1%D9%8B%D8%A7.
stacktrace:
WebDriverError@chrome://marionette/content/error.js:178:5
UnknownError@chrome://marionette/content/error.js:529:5
handleReadyState@chrome://marionette/content/listener.js:277:21
handleEvent@chrome://marionette/content/listener.js:245:9
```
The `svg-enable` test fails with the same error:
```
Traceback (most recent call last):
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_harness-4.3.0-py2.7.egg/marionette_harness/marionette_test/testcases.py", line 156, in run
testMethod()
File "/home/tbb-testsuite/tbb-testsuite/marionette/tor_browser_tests/test_svg.py", line 32, in test_svg
m.navigate("%s/img_src_url.html" % self.svg_dir)
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 1632, in navigate
self._send_message("get", {"url": url})
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/decorators.py", line 23, in _
return func(*args, **kwargs)
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 740, in _send_message
self._handle_error(err)
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 764, in _handle_error
raise errors.lookup(error)(message, stacktrace=stacktrace)
UnknownException: Reached error page: about:neterror?e=fileAccessDenied&u=file%3A///home/tbb-testsuite/tbb-testsuite/test-data/svg//img_src_url.html&c=UTF-8&f=regular&d=%D8%A7%D9%84%D9%85%D9%84%D9%81%20%D9%81%D9%8A%20/home/tbb-testsuite/tbb-testsuite/test-data/svg//img_src_url.html%20%D9%84%D9%8A%D8%B3%20%D9%85%D9%82%D8%B1%D9%88%D8%A1%D9%8B%D8%A7.
stacktrace:
WebDriverError@chrome://marionette/content/error.js:178:5
UnknownError@chrome://marionette/content/error.js:529:5
handleReadyState@chrome://marionette/content/listener.js:277:21
handleEvent@chrome://marionette/content/listener.js:245:9
```cypherpunkscypherpunkshttps://gitlab.torproject.org/legacy/trac/-/issues/28876tbb-testsuite: fix the noscript test2020-06-13T17:41:18Zboklmtbb-testsuite: fix the noscript testThe noscript test is currently failing, because it is trying to use the `noscript.global` pref to enable/disable noscript, which is not used anymore by the new version of noscript.
To test the different states of noscript, we can instea...The noscript test is currently failing, because it is trying to use the `noscript.global` pref to enable/disable noscript, which is not used anymore by the new version of noscript.
To test the different states of noscript, we can instead change the security level.cypherpunkscypherpunkshttps://gitlab.torproject.org/legacy/trac/-/issues/29615Adjust creation of buildID script2020-06-16T01:25:30ZGeorg KoppenAdjust creation of buildID scriptWe should adjust the creation of our build ID script to make sure we have a larger space using the months available (currently Tor Browser 17 is the last major version that produces valid buildIDs). And we should think about a good way t...We should adjust the creation of our build ID script to make sure we have a larger space using the months available (currently Tor Browser 17 is the last major version that produces valid buildIDs). And we should think about a good way to implement something where we don't need to worry about the buildID creation in the future anymore.https://gitlab.torproject.org/legacy/trac/-/issues/29834Update Google Play screenshots2020-06-16T01:01:43ZMatthew FinkelUpdate Google Play screenshotsWe should show the new bootstrap/configuration UI. Maybe we should wait until the animation is working, too.We should show the new bootstrap/configuration UI. Maybe we should wait until the animation is working, too.https://gitlab.torproject.org/legacy/trac/-/issues/30333tbb-testsuite: fix the download_pdf test2020-06-13T17:41:22Zboklmtbb-testsuite: fix the download_pdf testThe `download_pdf` test currently fails with the error:
```
Traceback (most recent call last):
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_harness-4.3.0-py2.7.egg/mario...The `download_pdf` test currently fails with the error:
```
Traceback (most recent call last):
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_harness-4.3.0-py2.7.egg/marionette_harness/marionette_test/testcases.py", line 156, in run
testMethod()
File "/home/tbb-testsuite/tbb-testsuite/marionette/tor_browser_tests/test_download_pdf.py", line 24, in test_download_pdf
m.set_window_size(1024, 300)
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 2063, in set_window_size
return self._send_message("setWindowSize", body)
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/decorators.py", line 23, in _
return func(*args, **kwargs)
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 740, in _send_message
self._handle_error(err)
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 764, in _handle_error
raise errors.lookup(error)(message, stacktrace=stacktrace)
UnknownCommandException: setWindowSize
stacktrace:
WebDriverError@chrome://marionette/content/error.js:178:5
UnknownCommandError@chrome://marionette/content/error.js:518:5
despatch@chrome://marionette/content/server.js:286:13
execute@chrome://marionette/content/server.js:267:11
onPacket/<@chrome://marionette/content/server.js:242:15
onPacket@chrome://marionette/content/server.js:241:8
_onJSONObjectReady/<@chrome://marionette/content/transport.js:500:9
```cypherpunkscypherpunkshttps://gitlab.torproject.org/legacy/trac/-/issues/30339tbb-testsuite: fix the play_videos test2020-06-13T17:41:23Zboklmtbb-testsuite: fix the play_videos testThe play_videos test currently fails with:
```
Traceback (most recent call last):
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_harness-4.3.0-py2.7.egg/marionette_harness...The play_videos test currently fails with:
```
Traceback (most recent call last):
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_harness-4.3.0-py2.7.egg/marionette_harness/marionette_test/testcases.py", line 156, in run
testMethod()
File "/home/tbb-testsuite/tbb-testsuite/marionette/tor_browser_tests/test_page.py", line 32, in test_page
elt = self.marionette.find_element('id', 'test_result');
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 1852, in find_element
return self._send_message("findElement", body, key="value")
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/decorators.py", line 23, in _
return func(*args, **kwargs)
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 740, in _send_message
self._handle_error(err)
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 764, in _handle_error
raise errors.lookup(error)(message, stacktrace=stacktrace)
NoSuchElementException: Unable to locate element: test_result
stacktrace:
WebDriverError@chrome://marionette/content/error.js:178:5
NoSuchElementError@chrome://marionette/content/error.js:434:5
element.find/</<@chrome://marionette/content/element.js:341:16
```https://gitlab.torproject.org/legacy/trac/-/issues/30340tbb-testsuite: fix the searchengines test2020-06-13T17:41:23Zboklmtbb-testsuite: fix the searchengines testThe searchengines test is currently failing with the error:
```
Traceback (most recent call last):
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_harness-4.3.0-py2.7.egg/m...The searchengines test is currently failing with the error:
```
Traceback (most recent call last):
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_harness-4.3.0-py2.7.egg/marionette_harness/marionette_test/testcases.py", line 156, in run
testMethod()
File "/home/tbb-testsuite/tbb-testsuite/marionette/tor_browser_tests/test_searchengines.py", line 25, in test_searchengines
self.marionette.navigate('about:')
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 1632, in navigate
self._send_message("get", {"url": url})
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/decorators.py", line 23, in _
return func(*args, **kwargs)
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 740, in _send_message
self._handle_error(err)
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 764, in _handle_error
raise errors.lookup(error)(message, stacktrace=stacktrace)
UnknownException: [Exception... "The URI is malformed" nsresult: "0x804b000a (NS_ERROR_MALFORMED_URI)" location: "JS frame :: chrome://marionette/content/listener.js :: get/< :: line 1053" data: no]
stacktrace:
get/<@chrome://marionette/content/listener.js:1053:7
navigate/<@chrome://marionette/content/listener.js:415:13
navigate@chrome://marionette/content/listener.js:414:13
get@chrome://marionette/content/listener.js:1052:5
```https://gitlab.torproject.org/legacy/trac/-/issues/30431tbb-testsuite: Fix the https-everywhere test2020-06-13T17:41:24Zboklmtbb-testsuite: Fix the https-everywhere testWe should fix the https-everywhere test.
The test is currently failing because http://httpbin.org/ does not get redirected during the test (although it is working outside the test suite).We should fix the https-everywhere test.
The test is currently failing because http://httpbin.org/ does not get redirected during the test (although it is working outside the test suite).Alex CatarineuAlex Catarineuhttps://gitlab.torproject.org/legacy/trac/-/issues/30432tbb-testsuite: fix the fpcentral test2020-06-13T17:41:25Zboklmtbb-testsuite: fix the fpcentral testThe fpcentral test currently fails with the error:
```
Traceback (most recent call last):
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_harness-4.3.0-py2.7.egg/marionette...The fpcentral test currently fails with the error:
```
Traceback (most recent call last):
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_harness-4.3.0-py2.7.egg/marionette_harness/marionette_test/testcases.py", line 156, in run
testMethod()
File "/home/tbb-testsuite/tbb-testsuite/marionette/tor_browser_tests/test_fpcentral.py", line 28, in test_page
elt = self.marionette.find_element('id', 'acceptableSummaryResult');
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 1852, in find_element
return self._send_message("findElement", body, key="value")
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/decorators.py", line 23, in _
return func(*args, **kwargs)
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 740, in _send_message
self._handle_error(err)
File "/home/tbb-testsuite/tbb-testsuite/virtualenv-marionette-4.3.0/local/lib/python2.7/site-packages/marionette_driver-2.5.0-py2.7.egg/marionette_driver/marionette.py", line 764, in _handle_error
raise errors.lookup(error)(message, stacktrace=stacktrace)
NoSuchElementException: Unable to locate element: acceptableSummaryResult
stacktrace:
WebDriverError@chrome://marionette/content/error.js:178:5
NoSuchElementError@chrome://marionette/content/error.js:434:5
element.find/</<@chrome://marionette/content/element.js:341:16
```https://gitlab.torproject.org/legacy/trac/-/issues/30756Android: Begin bootstrapping immediately after success2020-06-16T01:04:43ZMatthew FinkelAndroid: Begin bootstrapping immediately after successAfter Tor Browser successfully bootstraps once Tor-Launcher does not prompt the user to "connect" or "configure" the next time (or subsequent times, until there is a bootstrap failure). Android should provide a similar experience.
There...After Tor Browser successfully bootstraps once Tor-Launcher does not prompt the user to "connect" or "configure" the next time (or subsequent times, until there is a bootstrap failure). Android should provide a similar experience.
There is significantly more risk involved here, however, because (I assume) we are much more likely to "roam" onto a hostile network using a mobile device than when using a desktop or laptop.
Maybe we should make this opt-in as a config option in network settings?
I'm also a little worried about the conflict between safe-by-default and easy-to-use-by-default. Will a Firefox Focus user install Tor Browser and then configure it to automatically connect?https://gitlab.torproject.org/legacy/trac/-/issues/30854Android: Downloads are confusing2020-06-16T01:05:04ZMatthew FinkelAndroid: Downloads are confusingDownloading files in Tor Browser on Android is sometimes confusing and not safe. There are two separate but related issues.
Problems:
1. Downloads are saved in the shared storage. See #26574 for more information about this and download...Downloading files in Tor Browser on Android is sometimes confusing and not safe. There are two separate but related issues.
Problems:
1. Downloads are saved in the shared storage. See #26574 for more information about this and downloading files into the app's internal storage.
2. When the app is restarted after downloading a file, the file is not listed in Tor Browser's Downloads list anymore. This is very confusing, especially because the file is still saved in the shared storage. I suspect this is because private browsing mode doesn't save state (including recent downloads).https://gitlab.torproject.org/legacy/trac/-/issues/31075Consider dropping browser patch for 263532020-06-16T01:05:29ZAlex CatarineuConsider dropping browser patch for 26353I think the patch for #26353 is not strictly needed, since the speculative connections are blocked when a proxy is configured (here: https://github.com/mozilla/gecko-dev/blob/esr60/netwerk/base/nsIOService.cpp#L1621, and same in 68). So ...I think the patch for #26353 is not strictly needed, since the speculative connections are blocked when a proxy is configured (here: https://github.com/mozilla/gecko-dev/blob/esr60/netwerk/base/nsIOService.cpp#L1621, and same in 68). So while the speculative requests can be seen in torbutton domain-isolator, they should be dropped before they reach tor client.
I tested by changing the torbutton code to not put all these to the `--unknown--` catch-all circuit so that they could be tracked, and while I can see these in logs coming from the domain isolator, there are no corresponding open circuits in the `Torbutton INFO: controlPort << getinfo circuit-status` logs.
It's always possible that this might change in the future (according to the comments in that file, the reason why the speculative connections are not performed when there is a proxy do not seem so strong). So we might still want the current patch for #26353 just in case, I'm not sure.https://gitlab.torproject.org/legacy/trac/-/issues/31161Document usage and setup of Android signing token2020-06-16T01:26:59ZGeorg KoppenDocument usage and setup of Android signing tokenWe have documentation in `tor-browser-spec` about setting up our Windows signing token and should do the same for the Android one.
We could add the relevant instructions for using the whole setup on our actual signing machine in a separ...We have documentation in `tor-browser-spec` about setting up our Windows signing token and should do the same for the Android one.
We could add the relevant instructions for using the whole setup on our actual signing machine in a separate commit within this ticket's scope.Matthew FinkelMatthew Finkelhttps://gitlab.torproject.org/legacy/trac/-/issues/31915Uplift libvpx/libaom patch for cpu-features.c2020-06-16T01:07:54ZMatthew FinkelUplift libvpx/libaom patch for cpu-features.c`cpu-features.c` from the Android NDK is included twice when webrtc is disabled.
https://searchfox.org/mozilla-central/source/media/libaom/moz.build#92
https://searchfox.org/mozilla-central/source/media/libvpx/moz.build#102
This result...`cpu-features.c` from the Android NDK is included twice when webrtc is disabled.
https://searchfox.org/mozilla-central/source/media/libaom/moz.build#92
https://searchfox.org/mozilla-central/source/media/libvpx/moz.build#102
This results in a build failure due to `multiple definitions`.
```
36:05.43 /home/android/.mozbuild/android-ndk-r15c/toolchains/arm-linux-androideabi-4.9/prebuilt/linux-x86_64/lib/gcc/arm-linux-androideabi/4.9.x/../../../../arm-linux-androideabi/bin/ld: error: /home/andr
oid/tor-browser/obj-arm-linux-androideabi/toolkit/library/../../media/libaom/cpu-features.o: multiple definition of 'android_getCpuCount'
36:05.43 /home/android/.mozbuild/android-ndk-r15c/toolchains/arm-linux-androideabi-4.9/prebuilt/linux-x86_64/lib/gcc/arm-linux-androideabi/4.9.x/../../../../arm-linux-androideabi/bin/ld: /home/android/tor
-browser/obj-arm-linux-androideabi/toolkit/library/../../media/libvpx/cpu-features.o: previous definition here
36:05.43 /home/android/.mozbuild/android-ndk-r15c/toolchains/arm-linux-androideabi-4.9/prebuilt/linux-x86_64/lib/gcc/arm-linux-androideabi/4.9.x/../../../../arm-linux-androideabi/bin/ld: error: /home/and$
oid/tor-browser/obj-arm-linux-androideabi/toolkit/library/../../media/libaom/cpu-features.o: multiple definition of 'android_getCpuFamily'
36:05.43 /home/android/.mozbuild/android-ndk-r15c/toolchains/arm-linux-androideabi-4.9/prebuilt/linux-x86_64/lib/gcc/arm-linux-androideabi/4.9.x/../../../../arm-linux-androideabi/bin/ld: /home/android/tor
-browser/obj-arm-linux-androideabi/toolkit/library/../../media/libvpx/cpu-features.o: previous definition here
36:05.43 /home/android/.mozbuild/android-ndk-r15c/toolchains/arm-linux-androideabi-4.9/prebuilt/linux-x86_64/lib/gcc/arm-linux-androideabi/4.9.x/../../../../arm-linux-androideabi/bin/ld: error: /home/andr
oid/tor-browser/obj-arm-linux-androideabi/toolkit/library/../../media/libaom/cpu-features.o: multiple definition of 'android_getCpuFeatures'
36:05.44 /home/android/.mozbuild/android-ndk-r15c/toolchains/arm-linux-androideabi-4.9/prebuilt/linux-x86_64/lib/gcc/arm-linux-androideabi/4.9.x/../../../../arm-linux-androideabi/bin/ld: /home/android/tor
-browser/obj-arm-linux-androideabi/toolkit/library/../../media/libvpx/cpu-features.o: previous definition here
```Matthew FinkelMatthew Finkelhttps://gitlab.torproject.org/legacy/trac/-/issues/31986Update fpcentral dependencies2020-06-13T17:41:27ZboklmUpdate fpcentral dependenciesThis file contains the python dependencies we install to run fpcentral:
https://gitweb.torproject.org/fpcentral.git/tree/requirements.txt
We should update dependencies to the latest versions available if possible, in case they are fixin...This file contains the python dependencies we install to run fpcentral:
https://gitweb.torproject.org/fpcentral.git/tree/requirements.txt
We should update dependencies to the latest versions available if possible, in case they are fixing some security issues.https://gitlab.torproject.org/legacy/trac/-/issues/31987Make fpcentral recognize Tor Browser esr682020-06-13T17:41:27ZboklmMake fpcentral recognize Tor Browser esr68We should make fpcentral recognize the esr68 user agent string, similarly to #26623.We should make fpcentral recognize the esr68 user agent string, similarly to #26623.https://gitlab.torproject.org/legacy/trac/-/issues/32027Bump version of Go to 1.13+2022-09-01T23:00:13ZCecylia BocovichBump version of Go to 1.13+We're going to need it eventually for newer versions of pion/webrtc, and there's a nice feature in to log package that allows us to pass the log output writer to libraries.We're going to need it eventually for newer versions of pion/webrtc, and there's a nice feature in to log package that allows us to pass the log output writer to libraries.boklmboklmhttps://gitlab.torproject.org/legacy/trac/-/issues/32537Update marionette version used in tor browser testsuite, for ESR782020-06-13T17:41:29ZboklmUpdate marionette version used in tor browser testsuite, for ESR78The version of marionette that is used by the tor browser testsuite needs to be updated in order to support esr68 versions of Tor Browser.
The package versions used are for current mozilla-central (78).The version of marionette that is used by the tor browser testsuite needs to be updated in order to support esr68 versions of Tor Browser.
The package versions used are for current mozilla-central (78).https://gitlab.torproject.org/legacy/trac/-/issues/33202Update Tor Browser for Android's Google Play description2020-06-16T01:11:07ZTracUpdate Tor Browser for Android's Google Play descriptionTBA's Google Play description still has the sentence: "Give before the end of 2019, and Mozilla will match your gift: https://donate.torproject.org/donate/donate-tbi-gp".
This should be updated.
**Trac**:
**Username**: PROTechThorTBA's Google Play description still has the sentence: "Give before the end of 2019, and Mozilla will match your gift: https://donate.torproject.org/donate/donate-tbi-gp".
This should be updated.
**Trac**:
**Username**: PROTechThorhttps://gitlab.torproject.org/legacy/trac/-/issues/33288forrestii/fpcentral still has stretch packages (mongodb)2020-06-13T17:41:29Zanarcatforrestii/fpcentral still has stretch packages (mongodb)fpcentral requires mongodb to operate, but that package was removed from Debian stable in february 2019, mainly [because of license problems](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916107). to quote wikipedia:
> MongoDB has ...fpcentral requires mongodb to operate, but that package was removed from Debian stable in february 2019, mainly [because of license problems](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916107). to quote wikipedia:
> MongoDB has been dropped from the Debian, Fedora and Red Hat Enterprise Linux distributions due to the licensing change. Fedora determined that the SSPL version 1 is not a free software license because it is "intentionally crafted to be aggressively discriminatory" towards commercial users.
(there is also an [unpatched security issue](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934783) against mongodb, by the way...)
we can't maintain this service like that in the long term. stretch will stop being supported this summer and mongodb isn't supported in its free form.
what's the plan for replacing mongodb?cypherpunkscypherpunkshttps://gitlab.torproject.org/legacy/trac/-/issues/33664Sponsor 58: Migrate Tor Browser for Android to Firefox’s Fenix2020-06-16T01:11:56ZPili GuerraSponsor 58: Migrate Tor Browser for Android to Firefox’s FenixThis is the master ticket for the whole Sponsor58 project.
https://trac.torproject.org/projects/tor/wiki/org/sponsors/Sponsor58This is the master ticket for the whole Sponsor58 project.
https://trac.torproject.org/projects/tor/wiki/org/sponsors/Sponsor58https://gitlab.torproject.org/legacy/trac/-/issues/33848Disable Enhanced Tracking Protection (assuming we want it disabled)2020-06-16T01:12:22ZrichardDisable Enhanced Tracking Protection (assuming we want it disabled)There doesn't seem to be a single pref that disables everything, here's the prefs we need to set to disable the functionality:
- network.cookie.cookieBehavior = 0
- privacy.trackingprotection.enabled = false
- privacy.trackingprotect...There doesn't seem to be a single pref that disables everything, here's the prefs we need to set to disable the functionality:
- network.cookie.cookieBehavior = 0
- privacy.trackingprotection.enabled = false
- privacy.trackingprotection.pbmode.enabled = false
- privacy.trackingprotection.socialtracking.enabled = false
- privacy.trackingprotection.cryptomining.enabled = false
- privacy.trackingprotection.fingerprinting.enabled = false
We would need to some code to remove the ETP UI from about:preferences, the urlbar, etc.Mark SmithMark Smithhttps://gitlab.torproject.org/legacy/trac/-/issues/33849Maybe disable Windows Hello2020-06-16T01:12:23ZrichardMaybe disable Windows HelloIf we want to disable Windows Hello and associated biometrics queries in Tor Browser it looks like we can patch various IsUserVerifyingPlatformAuthenticatorAvailable calls to always return false.
It seems like there was a bit of a refac...If we want to disable Windows Hello and associated biometrics queries in Tor Browser it looks like we can patch various IsUserVerifyingPlatformAuthenticatorAvailable calls to always return false.
It seems like there was a bit of a refactor to wrap both Windows Hello as well hardware tokens like yubikeys(?) into the same authentication system so we need to take care to not break support for these.
See this patch: https://bugzilla.mozilla.org/show_bug.cgi?id=1508115
The library Mozilla is using to add Windows Hello support: https://github.com/Microsoft/webauthnhttps://gitlab.torproject.org/legacy/trac/-/issues/33851Patch out Parental Controls detection and logging2020-06-16T01:12:23ZrichardPatch out Parental Controls detection and loggingWe should remove the per-OS implementations of nsIParentalControlsService in `/toolkit/components/parentalcontrols` and always use the stubbed-out `nsParentalControlsServiceDefault.cpp` implementation.
When an implementation is present,...We should remove the per-OS implementations of nsIParentalControlsService in `/toolkit/components/parentalcontrols` and always use the stubbed-out `nsParentalControlsServiceDefault.cpp` implementation.
When an implementation is present, URIs are sent to an `isAllowed(...` function that parental control software presumably can hook in the OS to filter content, and a `log(...)` method also takes in URIs.Mark SmithMark Smithhttps://gitlab.torproject.org/legacy/trac/-/issues/33852Clean up about:logins (LockWise) to avoid mentioning sync, etc.2020-06-16T01:12:24ZrichardClean up about:logins (LockWise) to avoid mentioning sync, etc.LockWise is a new built-in password manager in firefox with Sync integration
For now can currently be disabled by (fallsback to old password storage UI):
- signon.management.overrideURI = ""LockWise is a new built-in password manager in firefox with Sync integration
For now can currently be disabled by (fallsback to old password storage UI):
- signon.management.overrideURI = ""https://gitlab.torproject.org/legacy/trac/-/issues/33853Disable What's New? feature2020-06-16T01:12:24ZrichardDisable What's New? featureMozilla's onboarding/introduction UX for new features.
Relevant tickets:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1561307
- https://bugzilla.mozilla.org/show_bug.cgi?id=1563319
Disable via:
- browser.messaging-system.whatsNewPane...Mozilla's onboarding/introduction UX for new features.
Relevant tickets:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1561307
- https://bugzilla.mozilla.org/show_bug.cgi?id=1563319
Disable via:
- browser.messaging-system.whatsNewPanel.enabled = falsehttps://gitlab.torproject.org/legacy/trac/-/issues/33854Spoof Network ID2020-06-16T01:12:25ZrichardSpoof Network IDMozilla 1561005 added a unique string identifier to `nsINetworkLinkService.idl`. It's at least partially based off of a hash of the user's IP and MAC address. It's not clear to me what it's used for, but we should probably stub out the i...Mozilla 1561005 added a unique string identifier to `nsINetworkLinkService.idl`. It's at least partially based off of a hash of the user's IP and MAC address. It's not clear to me what it's used for, but we should probably stub out the implementations.
Relevant ticket:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1561005https://gitlab.torproject.org/legacy/trac/-/issues/33855Don't use site's icon as window icon in Windows when in private browsing mode2020-06-16T01:12:25ZrichardDon't use site's icon as window icon in Windows when in private browsing modeWhen the browser is in site-specific browser mode the app browser icon is set to the website's favicon. This icon presumably is cached somewhere by the operating system, so we should not expose the icon in this fashion when in private br...When the browser is in site-specific browser mode the app browser icon is set to the website's favicon. This icon presumably is cached somewhere by the operating system, so we should not expose the icon in this fashion when in private browsing mode.
This mode can be accessed when:
- browser.ssb.enabled = true
Relevant ticket:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1602194https://gitlab.torproject.org/legacy/trac/-/issues/33856Set browser.privatebrowsing.forceMediaMemoryCache=true2020-06-24T11:43:52ZrichardSet browser.privatebrowsing.forceMediaMemoryCache=trueNew pref added to disable disk caching of video in private browsing mode.
Relevant ticket:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1532486New pref added to disable disk caching of video in private browsing mode.
Relevant ticket:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1532486Mark SmithMark Smithhttps://gitlab.torproject.org/legacy/trac/-/issues/33862Fix usages of createTransport API2020-06-16T01:12:27ZAlex CatarineuFix usages of createTransport APIThere was a nsISocketTransportService breaking change in https://bugzilla.mozilla.org/show_bug.cgi?id=1558726. We have to fix those in torbutton and tor-launcher.There was a nsISocketTransportService breaking change in https://bugzilla.mozilla.org/show_bug.cgi?id=1558726. We have to fix those in torbutton and tor-launcher.https://gitlab.torproject.org/legacy/trac/-/issues/33865Maybe disable all auto-play2020-06-16T01:12:27ZrichardMaybe disable all auto-playIf we set media.autoplay.default=5 audio and video become click to play (0> allow all, 1 => block audio, 5 => block audio+video). Seems like a good default for tor network in general from a bandwidth perspective?If we set media.autoplay.default=5 audio and video become click to play (0> allow all, 1 => block audio, 5 => block audio+video). Seems like a good default for tor network in general from a bandwidth perspective?https://gitlab.torproject.org/legacy/trac/-/issues/33866Add Onion Service info to new cert viewer2020-06-16T01:12:28ZrichardAdd Onion Service info to new cert viewerwhen security.aboutcertificate.enabled is true (now the default in Firefox) the new cert viewer UI is enabled. As part of #23247 we added 'Onion Service' string to security/encryption info for onion services, so we will need to replicate...when security.aboutcertificate.enabled is true (now the default in Firefox) the new cert viewer UI is enabled. As part of #23247 we added 'Onion Service' string to security/encryption info for onion services, so we will need to replicate this change in the new UI.https://gitlab.torproject.org/legacy/trac/-/issues/33867Disable password manager and password generation2020-06-16T01:12:28ZrichardDisable password manager and password generationDisable the integrated password manager and password generation feature as part of disk avoidance.
Feature documentation: https://wiki.mozilla.org/Toolkit:Password_Manager/Password_Generation
Set preferences:
- signon.generation.avail...Disable the integrated password manager and password generation feature as part of disk avoidance.
Feature documentation: https://wiki.mozilla.org/Toolkit:Password_Manager/Password_Generation
Set preferences:
- signon.generation.available=false
- signon.generation.enabled=falsehttps://gitlab.torproject.org/legacy/trac/-/issues/33954Consider different approach for "2176: Rebrand Firefox to TorBrowser "2020-06-16T01:12:39ZAlex CatarineuConsider different approach for "2176: Rebrand Firefox to TorBrowser "The current patch replaces all occurrences of `branding/brand.ftl` with `branding/tor-browser-brand.ftl`. This means that many files are touched by the patch (increasing chances of rebase conflict), and whenever Firefox adds new instance...The current patch replaces all occurrences of `branding/brand.ftl` with `branding/tor-browser-brand.ftl`. This means that many files are touched by the patch (increasing chances of rebase conflict), and whenever Firefox adds new instances of `branding/brand.ftl` we need to modify the patch to also cover those.
I think we should try a different approach to keep all instances of `branding/brand.ftl` untouched, and do the `branding/brand.ftl` -> `branding/tor-browser-brand.ftl` remapping somewhere else, and just in a single place.
One way would be to force the Fluent `FileSource` that we register in torbutton to take precedence over any other source and rename `tor-browser-brand.ftl` to `brand.ftl`, to override Firefox one (including langpacks).
We probably would need to do this in [L10nRegistry.js](https://searchfox.org/mozilla-central/rev/3446310d6cc5c85cde16a82eccf560e9b71a3d44/intl/l10n/L10nRegistry.jsm#141), but I would need to investigate a bit more.https://gitlab.torproject.org/legacy/trac/-/issues/33960Uplift patch for "32414: Make Services.search.addEngine obey FPI"2020-06-16T01:12:40ZAlex CatarineuUplift patch for "32414: Make Services.search.addEngine obey FPI"Alex CatarineuAlex Catarineuhttps://gitlab.torproject.org/legacy/trac/-/issues/33961Uplift patch for "21830: Copying large text from web console leaks to /tmp"2020-06-16T01:12:40ZAlex CatarineuUplift patch for "21830: Copying large text from web console leaks to /tmp"Bugzilla is https://bugzilla.mozilla.org/show_bug.cgi?id=1433030. We can somehow try to make progress on that.Bugzilla is https://bugzilla.mozilla.org/show_bug.cgi?id=1433030. We can somehow try to make progress on that.https://gitlab.torproject.org/legacy/trac/-/issues/33962Uplift patch for 5741 (dns leak protection)2020-06-16T01:12:41ZAlex CatarineuUplift patch for 5741 (dns leak protection)This should probably be under the `--enable-proxy-bypass-protection` flag.This should probably be under the `--enable-proxy-bypass-protection` flag.Alex CatarineuAlex Catarineuhttps://gitlab.torproject.org/legacy/trac/-/issues/33963Uplift test for 21321 (Add test for .onion whitelisting)2020-06-16T01:12:41ZAlex CatarineuUplift test for 21321 (Add test for .onion whitelisting)It's just making sure that `dom.securecontext.whitelist_onions` is set to `false`, which should not affect Firefox.It's just making sure that `dom.securecontext.whitelist_onions` is set to `false`, which should not affect Firefox.Alex CatarineuAlex Catarineuhttps://gitlab.torproject.org/legacy/trac/-/issues/33964Consider uplifting 21537: Mark .onion cookies as secure2020-06-16T01:12:41ZAlex CatarineuConsider uplifting 21537: Mark .onion cookies as secureAssuming that adapting the patch for newer Firefox versions was done correctly in #33533, now the patch is just a single [line](https://github.com/acatarineu/tor-browser/commit/53dad612587427817197d6bc2559285cc65ae238), which might be ea...Assuming that adapting the patch for newer Firefox versions was done correctly in #33533, now the patch is just a single [line](https://github.com/acatarineu/tor-browser/commit/53dad612587427817197d6bc2559285cc65ae238), which might be easy to uplift.https://gitlab.torproject.org/legacy/trac/-/issues/33965Uplift 27604: Fix addon issues when moving TB directory2020-06-16T01:12:42ZAlex CatarineuUplift 27604: Fix addon issues when moving TB directoryThis is https://bugzilla.mozilla.org/show_bug.cgi?id=1429838, which did not get much attention by mozilla. But we can try attaching our patch and see if there's some progress.This is https://bugzilla.mozilla.org/show_bug.cgi?id=1429838, which did not get much attention by mozilla. But we can try attaching our patch and see if there's some progress.Alex CatarineuAlex Catarineuhttps://gitlab.torproject.org/legacy/trac/-/issues/34193Audit the U2F API2020-06-16T01:13:01ZAlex CatarineuAudit the U2F APISimilar to #26614, we should audit the `U2F` API implementation that is enabled with the `security.webauth.u2f` pref.Similar to #26614, we should audit the `U2F` API implementation that is enabled with the `security.webauth.u2f` pref.https://gitlab.torproject.org/legacy/trac/-/issues/34377Port padlock states for .onion services to Fenix2020-06-16T01:13:16ZGeorg KoppenPort padlock states for .onion services to Fenix#26690 ported the padlock states for onions to mobile. We need to redo that for Fenix.#26690 ported the padlock states for onions to mobile. We need to redo that for Fenix.https://gitlab.torproject.org/legacy/trac/-/issues/34378Port external helper app prompting before opening to Fenix2020-06-15T23:01:25ZGeorg KoppenPort external helper app prompting before opening to FenixIn #26529 we ported the desktop capability to prompt before opening external apps to mobile. We need to redo that proxy-bypass-protection part for Fenix.In #26529 we ported the desktop capability to prompt before opening external apps to mobile. We need to redo that proxy-bypass-protection part for Fenix.