- Feb 21, 2018
-
-
Georg Koppen authored
Changelog update and versions bump
-
After much debugging and investigation, it seems that the required information needed to drive the first-party domain cannot be accessed in the XmlHttpRequest creation path. The JS context the part of pdf.js making the range requests runs with does not have a reference to parent window and associated LoadInfo information (which includes the requesting first-party domain). To fix the issue, we can easily disable support for range-based requests via the pdfjs.disableRange property. However, the side-effect here is that pages can not be read as they load; the entire pdf must be downloaded before it can be read and interacted with. This patch updates each platforms extension-overrides.js to change this pref.
-
Georg Koppen authored
-
Georg Koppen authored
-
- Feb 19, 2018
-
-
Georg Koppen authored
-
Georg Koppen authored
-
Georg Koppen authored
We need to whitelist `[System+Principal]` for functioning settings frames of WebExtensions on the about:addons page. On higher security slider levels this is broken otherwise. To quote Giorgio Maone (see: #25000 comment:14): "The Tor Browser enforces permissions cascading, and in the Add-ons Options window the top frame is about:addons, whose principal's origin is [System+Principal]. Since this origin is omitted from Tor Browser's version of NoScript mandatory whitelist, the top site by default is considered forbidden, cascading down script blocking to the WebExtension's subframe."
-
Georg Koppen authored
-
Georg Koppen authored
-
Georg Koppen authored
-
- Feb 16, 2018
-
-
Tor Launcher's Moat client implementation uses Mozilla's Subprocess.jsm module to start the meek client, and that module requires a complete file path including the .exe suffix. For consistency, we now include the .exe suffix everywhere.
-
- Feb 10, 2018
-
-
boklm authored
-
- Feb 08, 2018
- Feb 06, 2018
-
-
boklm authored
This fixes the download of the osx64 mar files. Previously we were unsigning the downloaded mar files and checking them with sha256sums-unsigned-build.txt. The signed osx64 mar files include files that are code-signed, so unsigning the mar file is not enough to get a mar file matching sha256sums-unsigned-build.txt.
-
- Feb 02, 2018
-
-
boklm authored
-
Georg Koppen authored
-
Georg Koppen authored
-
- Feb 01, 2018
-
-
boklm authored
-
- Jan 28, 2018
-
-
boklm authored
-
- Jan 26, 2018
-
-
Georg Koppen authored
Patch provided by kkuehl, thanks
-
- Jan 24, 2018
-
-
Georg Koppen authored
-
- Jan 19, 2018
-
-
Georg Koppen authored
Use tor-browser -2 and build number bump
-
- Jan 18, 2018
-
-
Georg Koppen authored
-
Georg Koppen authored
-
Georg Koppen authored
-
Georg Koppen authored
Changelog update and versions bump
-
Georg Koppen authored
-
- Jan 17, 2018
-
-
boklm authored
-
-
-
- Jan 16, 2018
-
-
Georg Koppen authored
-
Georg Koppen authored
-
Georg Koppen authored
-
Georg Koppen authored
-
Georg Koppen authored
-
boklm authored
The defaut timestamp value will use the commit time of the selected commit for the project, which will require cloning the git repository if it is not present. When we use the no_build_id target to display a script, we usually don't care about such details, so we set timestamp to 0 to avoid unnecessary cloning.
-
- Jan 09, 2018
-
-
boklm authored
-
-
- Dec 22, 2017
-
-
boklm authored
-