1. 31 May, 2019 1 commit
  2. 09 May, 2019 1 commit
  3. 03 May, 2019 1 commit
    • Kathleen Brade's avatar
      Bug 29045: Ensure that tor does not start up in dormant mode. · e7c10d72
      Kathleen Brade authored and Georg Koppen's avatar Georg Koppen committed
      When operating as a client and there is no network activity for
      24 hours, tor 0.4.x will enter a dormant mode. Since most people
      who start Tor Browser expect to use it right way, and since
      bootstrapping won't occur when tor is dormant, we added the following
      to torrc-defaults to ensure that tor leaves dormant mode:
        DormantCanceledByStartup 1
      e7c10d72
  4. 22 Jun, 2018 1 commit
    • Richard Pospesel's avatar
      Bug 26039: <profiledir>/preferences/extension-overrides.js will not be loaded in ESR 60 · 4f7417be
      Richard Pospesel authored and Georg Koppen's avatar Georg Koppen committed
      The infrastructure for loading extension-overrides.js no longer
      exists in ESR60, so these prefs had to be moved.
      
      Unfortunately, we can't just dump the contents of extension-overrides.js
      into 000-tor-browser.js.  The settings are actually partially built in
      tor-browser-build to conditionally include various bridge strings as well
      as localization settings.  So, we piggy back off this existing build
      process and just append the contents of the partially generated
      extension-overrids.js to 000-tor-browser.js.
      4f7417be
  5. 22 Feb, 2018 1 commit
  6. 21 Feb, 2018 1 commit
    • Richard Pospesel's avatar
      Bug 15599: Range requests used by pdfjs are not isolated to URL bar domain · 7db15759
      Richard Pospesel authored and Georg Koppen's avatar Georg Koppen committed
      After much debugging and investigation, it seems that the required
      information needed to drive the first-party domain cannot be accessed in
      the XmlHttpRequest creation path.  The JS context the part of pdf.js making
      the range requests runs with does not have a reference to parent window and
      associated LoadInfo information (which includes the requesting first-party
      domain).
      
      To fix the issue, we can easily disable support for range-based requests
      via the pdfjs.disableRange property.  However, the side-effect here is
      that pages can not be read as they load; the entire pdf must be
      downloaded before it can be read and interacted with.
      
      This patch updates each platforms extension-overrides.js to change this
      pref.
      7db15759
  7. 19 Feb, 2018 1 commit
    • Georg Koppen's avatar
      Bug 25000: Add [System+Principal] to the NoScript whitelist · fefb117a
      Georg Koppen authored
      We need to whitelist `[System+Principal]` for functioning settings
      frames of WebExtensions on the about:addons page. On higher security
      slider levels this is broken otherwise.
      
      To quote Giorgio Maone (see: #25000 comment:14):
      
      "The Tor Browser enforces permissions cascading, and in the Add-ons
      Options window the top frame is about:addons, whose principal's origin
      is [System+Principal]. Since this origin is omitted from Tor Browser's
      version of NoScript mandatory whitelist, the top site by default is
      considered forbidden, cascading down script blocking to the
      WebExtension's subframe."
      fefb117a
  8. 29 Sep, 2017 1 commit
    • Richard Pospesel's avatar
      Bug 22501: Requests via javascript: violate FPI · ee2f0609
      Richard Pospesel authored and Georg Koppen's avatar Georg Koppen committed
      By default NoScript attempts to find URLs in "javascript:.*" strings
      found in <a> element href atributes and in <option> element value
      attributes.  When such links (or options) are clicked/selected,
      NoScript attempts to navigate the page to said URL.  These navigations
      are treated as intternal requests, and get pacced onto the catch-all
      circuit.
      
      This behaviour can be turned off by disabling the 'noscript.fixLinks'
      flag, so we do so for each Tor Browser build target's
      extension-overrides.js.
      ee2f0609
  9. 29 Aug, 2017 1 commit
  10. 02 Aug, 2017 1 commit
  11. 20 Jul, 2017 1 commit
  12. 09 Jun, 2017 1 commit
  13. 02 Jun, 2017 2 commits
  14. 12 May, 2017 2 commits
  15. 21 Apr, 2017 1 commit
  16. 13 Apr, 2017 1 commit
  17. 20 Jan, 2017 1 commit