Alex Catarineu authored 5 years ago and Pier Angelo Vendrame committed 1 year ago

Whenever a valid Onion-Location HTTP header (or corresponding HTML
<meta> http-equiv attribute) is found in a document load, we either
redirect to it (if the user opted-in via preference) or notify the
presence of an onionsite alternative with a badge in the urlbar.

Kathleen Brade authored 5 years ago and Pier Angelo Vendrame committed 1 year ago

When Tor informs the browser that client authentication is needed,
temporarily load about:blank instead of about:neterror and prompt
for the user's key.

If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD
control port command to add the key (via Torbutton's control port
module) and reload the page.

If the user cancels the prompt, display the standard about:neterror
"Unable to connect" page. This requires a small change to
browser/actors/NetErrorChild.jsm to account for the fact that the
docShell no longer has the failedChannel information. The failedChannel
is used to extract TLS-related error info, which is not applicable
in the case of a canceled .onion authentication prompt.

Add a leaveOpen option to PopupNotifications.show so we can display
error messages within the popup notification doorhanger without
closing the prompt.

Add support for onion services strings to the TorStrings module.

Add support for Tor extended SOCKS errors (Tor proposal 304) to the
socket transport and SOCKS layers. Improved display of all of these
errors will be implemented as part of bug 30025.

Also fixes bug 19757:
 Add a "Remember this key" checkbox to the client auth prompt.

 Add an "Onion Services Authentication" section within the
 about:preferences "Privacy & Security section" to allow
 viewing and removal of v3 onion client auth keys that have
 been stored on disk.

Also fixes bug 19251: use enhanced error pages for onion service errors.

Richard Pospesel authored 6 years ago and Pier Angelo Vendrame committed 1 year ago

Encrypting pages hosted on Onion Services with SSL/TLS is redundant
(in terms of hiding content) as all traffic within the Tor network is
already fully encrypted.  Therefore, serving HTTP pages from an Onion
Service is more or less fine.

Prior to this patch, Tor Browser would mostly treat pages delivered
via Onion Services as well as pages delivered in the ordinary fashion
over the internet in the same way.  This created some inconsistencies
in behaviour and misinformation presented to the user relating to the
security of pages delivered via Onion Services:

 - HTTP Onion Service pages did not have any 'lock' icon indicating
   the site was secure
 - HTTP Onion Service pages would be marked as unencrypted in the Page
   Info screen
 - Mixed-mode content restrictions did not apply to HTTP Onion Service
   pages embedding Non-Onion HTTP content

This patch fixes the above issues, and also adds several new 'Onion'
icons to the mix to indicate all of the various permutations of Onion
Services hosted HTTP or HTTPS pages with HTTP or HTTPS content.

Strings for Onion Service Page Info page are pulled from Torbutton's
localization strings.

Richard Pospesel authored 3 years ago and Pier Angelo Vendrame committed 1 year ago

- implements new about:torconnect page as tor-launcher replacement
- adds new torconnect component to browser
- tor process management functionality remains implemented in tor-launcher through the TorProtocolService module
- adds warning/error box to about:preferences#tor when not connected to tor

Bug 40773: Update the about:torconnect frontend page to match additional UI flows.

Bug 41608: Add a toolbar status button and a urlbar "Connect" button.

ma1 authored 2 years ago and Pier Angelo Vendrame committed 1 year ago

Bug 41613: Skip Drang & Drop filtering for DNS-safe URLs

Georg Koppen authored 5 years ago and Pier Angelo Vendrame committed 1 year ago

Related Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1428034

Marco Simonelli authored 2 years ago and Pier Angelo Vendrame committed 1 year ago

- fixes required to build dom/media/systemservices

Marco Simonelli authored 2 years ago and Pier Angelo Vendrame committed 1 year ago

- fixes required to build dom/media/webrtc

Andreas Pehrson authored 1 year ago and Pier Angelo Vendrame committed 1 year ago

Similar to MediaTrack::mDisabledMode, but this is for uses on the
SourceMediaTrack producer thread. It is still signaled via a control message
from the control thread to maintain order of operations, and is protected by the
SourceMediaTrack mutex.

Differential Revision: https://phabricator.services.mozilla.com/D187554

Kelsey Gilbert authored 1 year ago and Pier Angelo Vendrame committed 1 year ago

We could do non-racy static init here (e.g. with a static initializer
self-calling-closure), but there doesn't seem to be a strong reason for
this. Let's just use a switch and get robustness from -Werror=switch.

Differential Revision: https://phabricator.services.mozilla.com/D188054

Eden Chuang authored 1 year ago and Pier Angelo Vendrame committed 1 year ago

Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth

Differential Revision: https://phabricator.services.mozilla.com/D186431

Bug 1858033 - Refactor Proxy::mXMLHttpRequestPrivate to become a WeakPtr and simplify Teardown/Unpin.  a=RyanVM

This patch also clarifies that mXMLHttpRequestPrivate is only ever dereferenced on the worker thread
and avoids to copy its raw pointer on the main thread by relying always on Proxy to access it.

Original Revision: https://phabricator.services.mozilla.com/D194077

Differential Revision: https://phabricator.services.mozilla.com/D195826

mDemuxers array elements are also removed when no longer required.

Original Revision: https://phabricator.services.mozilla.com/D193616

Differential Revision: https://phabricator.services.mozilla.com/D195746

Original Revision: https://phabricator.services.mozilla.com/D193286

Differential Revision: https://phabricator.services.mozilla.com/D195046

Original Revision: https://phabricator.services.mozilla.com/D194770

Depends on D195781

Differential Revision: https://phabricator.services.mozilla.com/D195782

Bug 1864379 - P1. Don't dispatch LoginManager DOM events for disconnected input elements.  a=diannaS

Original Revision: https://phabricator.services.mozilla.com/D194768

Differential Revision: https://phabricator.services.mozilla.com/D195780

Differential Revision: https://phabricator.services.mozilla.com/D195337

Differential Revision: https://phabricator.services.mozilla.com/D194220

Original Revision: https://phabricator.services.mozilla.com/D193722

Differential Revision: https://phabricator.services.mozilla.com/D195287

Bug 1849860 - Keep UnderlyingSourceAlgorithms alive until it's explicitly closed. r=smaug,asuth a=RyanVM

1. Adding mAsyncWaitAlgorithms to match mAsyncWaitWorkerRef and keep the algorithms object just like how the workerref is kept right now.
2. Closing mInput also on the window teardown, to prevent memory leak as Fetch does not close the stream automatically.

Differential Revision: https://phabricator.services.mozilla.com/D195132

Depends on D195131

Differential Revision: https://phabricator.services.mozilla.com/D195131

Backed out changeset 8cc3a3bb4ea0 (bug 1864123) for causing mass build bustages on EncryptingOutputStream_impl.h. a=backout

Original Revision: https://phabricator.services.mozilla.com/D193286

Differential Revision: https://phabricator.services.mozilla.com/D195046

Bug 1842936 - Make WindowGlobalParent::IsCurrentGlobal() consistent with nsPIDOMWindowInner::IsCurrentInnerWindow().  a=RyanVM

Original Revision: https://phabricator.services.mozilla.com/D183311

Differential Revision: https://phabricator.services.mozilla.com/D194994

Original Revision: https://phabricator.services.mozilla.com/D190245

Differential Revision: https://phabricator.services.mozilla.com/D194843

Bug 1856072 - Remove custom ResolveCallback for FileSystemGetWritableFileStreamResponse; r=#dom-storage a=dsmith

Differential Revision: https://phabricator.services.mozilla.com/D191968

Differential Revision: https://phabricator.services.mozilla.com/D191967

Bug 1856072 - Change FileSystemWritableFileStream::Create to return constructed streams synchronously; r=#dom-storage a=dsmith

Differential Revision: https://phabricator.services.mozilla.com/D191966

Differential Revision: https://phabricator.services.mozilla.com/D191965

Bug 1856072 - Make sure FileSystemWritableFileStream can't go away during Seek, Truncate and Close; r=#dom-storage a=dsmith

Differential Revision: https://phabricator.services.mozilla.com/D191964

Differential Revision: https://phabricator.services.mozilla.com/D191963

Differential Revision: https://phabricator.services.mozilla.com/D191962

Differential Revision: https://phabricator.services.mozilla.com/D191961

Differential Revision: https://phabricator.services.mozilla.com/D191960