Alex Catarineu authored 5 years ago and ma1 committed 2 months ago

Whenever a valid Onion-Location HTTP header (or corresponding HTML
<meta> http-equiv attribute) is found in a document load, we either
redirect to it (if the user opted-in via preference) or notify the
presence of an onionsite alternative with a badge in the urlbar.

Kathleen Brade authored 5 years ago and ma1 committed 2 months ago

When Tor informs the browser that client authentication is needed,
temporarily load about:blank instead of about:neterror and prompt
for the user's key.

If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD
control port command to add the key (via Torbutton's control port
module) and reload the page.

If the user cancels the prompt, display the standard about:neterror
"Unable to connect" page. This requires a small change to
browser/actors/NetErrorChild.jsm to account for the fact that the
docShell no longer has the failedChannel information. The failedChannel
is used to extract TLS-related error info, which is not applicable
in the case of a canceled .onion authentication prompt.

Add a leaveOpen option to PopupNotifications.show so we can display
error messages within the popup notification doorhanger without
closing the prompt.

Add support for onion services strings to the TorStrings module.

Add support for Tor extended SOCKS errors (Tor proposal 304) to the
socket transport and SOCKS layers. Improved display of all of these
errors will be implemented as part of bug 30025.

Also fixes bug 19757:
 Add a "Remember this key" checkbox to the client auth prompt.

 Add an "Onion Services Authentication" section within the
 about:preferences "Privacy & Security section" to allow
 viewing and removal of v3 onion client auth keys that have
 been stored on disk.

Also fixes bug 19251: use enhanced error pages for onion service errors.

Richard Pospesel authored 6 years ago and ma1 committed 2 months ago

Encrypting pages hosted on Onion Services with SSL/TLS is redundant
(in terms of hiding content) as all traffic within the Tor network is
already fully encrypted.  Therefore, serving HTTP pages from an Onion
Service is more or less fine.

Prior to this patch, Tor Browser would mostly treat pages delivered
via Onion Services as well as pages delivered in the ordinary fashion
over the internet in the same way.  This created some inconsistencies
in behaviour and misinformation presented to the user relating to the
security of pages delivered via Onion Services:

 - HTTP Onion Service pages did not have any 'lock' icon indicating
   the site was secure
 - HTTP Onion Service pages would be marked as unencrypted in the Page
   Info screen
 - Mixed-mode content restrictions did not apply to HTTP Onion Service
   pages embedding Non-Onion HTTP content

This patch fixes the above issues, and also adds several new 'Onion'
icons to the mix to indicate all of the various permutations of Onion
Services hosted HTTP or HTTPS pages with HTTP or HTTPS content.

Strings for Onion Service Page Info page are pulled from Torbutton's
localization strings.

Richard Pospesel authored 3 years ago and ma1 committed 2 months ago

- implements new about:torconnect page as tor-launcher replacement
- adds new torconnect component to browser
- tor process management functionality remains implemented in tor-launcher through the TorProtocolService module
- adds warning/error box to about:preferences#tor when not connected to tor

Bug 40773: Update the about:torconnect frontend page to match additional UI flows.

Bug 41608: Add a toolbar status button and a urlbar "Connect" button.

Bug 41613: Skip Drang & Drop filtering for DNS-safe URLs

Georg Koppen authored 5 years ago and ma1 committed 2 months ago

Related Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1428034

Marco Simonelli authored 2 years ago and ma1 committed 2 months ago

- fixes required to build dom/media/systemservices

Marco Simonelli authored 2 years ago and ma1 committed 2 months ago

- fixes required to build dom/media/webrtc

Kagami Sascha Rosylight authored 5 months ago and ma1 committed 2 months ago

Original Revision: https://phabricator.services.mozilla.com/D225687

Differential Revision: https://phabricator.services.mozilla.com/D226147

Andrew McCreight authored 5 months ago and ma1 committed 2 months ago

Original Revision: https://phabricator.services.mozilla.com/D225121

Differential Revision: https://phabricator.services.mozilla.com/D225363

Andrew McCreight authored 5 months ago and ma1 committed 2 months ago

Original Revision: https://phabricator.services.mozilla.com/D222803

Differential Revision: https://phabricator.services.mozilla.com/D224384

Paul Zuehlcke authored 6 months ago and ma1 committed 2 months ago

Original Revision: https://phabricator.services.mozilla.com/D222629

Differential Revision: https://phabricator.services.mozilla.com/D222934

Emilio Cobos Álvarez authored 7 months ago and ma1 committed 2 months ago

When there's trailing garbage after an @import rule we throw, but we
still trigger the load (that's not great but not trivial to change).

Deal with that case before calling ImportRuleLoaded().

Differential Revision: https://phabricator.services.mozilla.com/D219783

Fatih authored 7 months ago and ma1 committed 2 months ago

Bug 1885101: Match screen and window properties with top window for ScreenRect, ScreenAvailRect and WindowOuterSize. r=timhuang,emilio

This patch removes test_iframe.html. We remove it because the newly introduced test covers the tests done in that test. The reason for removing it in the first place is now that screen properties are inherited/spoofed xorigin, we get a 4px difference. The reasosn for 4px difference is the test runner runs tests in an iframe with a 2px border on each side.

Differential Revision: https://phabricator.services.mozilla.com/D215509

Pier Angelo Vendrame authored 1 year ago and ma1 committed 2 months ago

Differential Revision: https://phabricator.services.mozilla.com/D202203

Julian Descottes authored 10 months ago and ma1 committed 2 months ago

Differential Revision: https://phabricator.services.mozilla.com/D210830

Pier Angelo Vendrame authored 1 year ago and ma1 committed 2 months ago

Differential Revision: https://phabricator.services.mozilla.com/D198965

Nuohan Li authored 11 months ago and ma1 committed 2 months ago

Differential Revision: https://phabricator.services.mozilla.com/D204928

Andreas Pehrson authored 1 year ago and ma1 committed 2 months ago

Similar to MediaTrack::mDisabledMode, but this is for uses on the
SourceMediaTrack producer thread. It is still signaled via a control message
from the control thread to maintain order of operations, and is protected by the
SourceMediaTrack mutex.

Differential Revision: https://phabricator.services.mozilla.com/D187554

Kelsey Gilbert authored 1 year ago and ma1 committed 2 months ago

We could do non-racy static init here (e.g. with a static initializer
self-calling-closure), but there doesn't seem to be a strong reason for
this. Let's just use a switch and get robustness from -Werror=switch.

Differential Revision: https://phabricator.services.mozilla.com/D188054

Eden Chuang authored 1 year ago and ma1 committed 2 months ago

Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth

Differential Revision: https://phabricator.services.mozilla.com/D186431

Fatih authored 10 months ago and ma1 committed 2 months ago

resource:// is exempt from RFP, so we no longer need to check pdf.js specifically.

Differential Revision: https://phabricator.services.mozilla.com/D209359

Anna Weine authored 8 months ago and ma1 committed 2 months ago

Bug 1760806 - WebCrypto: ECDH and ECDSA JWK import to check that the crv in params and crv in alg are the same r=keeler

https://treeherder.mozilla.org/jobs?repo=try&revision=ed7936b105dea8e588650feb6baf26a50a6439fc

Differential Revision: https://phabricator.services.mozilla.com/D217273

Edgar Chen authored 9 months ago and ma1 committed 2 months ago

Differential Revision: https://phabricator.services.mozilla.com/D211620

alwu authored 11 months ago and ma1 committed 2 months ago

Differential Revision: https://phabricator.services.mozilla.com/D206943

Differential Revision: https://phabricator.services.mozilla.com/D231951

The WeakPtr type simplifies the situation if the `MIDIPort` object
outlives its `MIDIAccess`.

Differential Revision: https://phabricator.services.mozilla.com/D230812

Bug 1932169 - Throw an error when UnderlyingSource.autoAllocateChunkSize is too large on 32-bit build.  a=RyanVM

Original Revision: https://phabricator.services.mozilla.com/D229811

Differential Revision: https://phabricator.services.mozilla.com/D230270

Original Revision: https://phabricator.services.mozilla.com/D229928

Differential Revision: https://phabricator.services.mozilla.com/D230333

Bug 1924184 - Fix incorrect rendering with FakeVertexAttrib0 and VertexAttribDivisor. r=gfx-reviewers,lsalzman, a=dmeehan

Differential Revision: https://phabricator.services.mozilla.com/D229097

Bug 1924184 - Revert "Bug 1914707 - Disable attrib divisor for non-array attribs." r=gfx-reviewers,lsalzman, a=dmeehan

No longer needed.

Differential Revision: https://phabricator.services.mozilla.com/D229096

Differential Revision: https://phabricator.services.mozilla.com/D225504

Bug 1914707 - Disable attrib divisor for non-array attribs. r=gfx-reviewers,lsalzman,bradwerth a=RyanVM

Differential Revision: https://phabricator.services.mozilla.com/D222889