browser/base/content/browser-siteIdentity.js

@@ -898,10 +898,10 @@ var gIdentityHandler = {
       gPermissionPanel.refreshPermissionIcons();
     }
 
-    // Hide the shield icon if it is a chrome page.
+    // Bug 26345: Hide tracking protection UI.
     gProtectionsHandler._trackingProtectionIconContainer.classList.toggle(
       "chromeUI",
-      this._isSecureInternalUI
+      true
     );
   },
 

browser/base/content/browser.css

@@ -98,6 +98,29 @@ body {
   -moz-window-dragging: drag;
 }
 
+/**
+  Never modify the following selector without synchronizing
+  LETTERBOX_CSS_SELECTOR in RFPHelper.jsm!
+**/
+.letterboxing .browserStack:not(.exclude-letterboxing) > browser {
+  /* width & height to be dynamically set by RFPHelper.jsm */
+  outline: 1px solid var(--chrome-content-separator-color);
+}
+
+.exclude-letterboxing > browser {
+  outline: initial;
+}
+
+:root:not([inDOMFullscreen]) .letterboxing.letterboxing-ready .browserStack:not(.exclude-letterboxing) {
+  place-content: start center;
+}
+
+/* extend down the toolbar's colors when letterboxing is enabled */
+.letterboxing {
+  background-color: var(--toolbar-bgcolor);
+  background-image: var(--toolbar-bgimage);
+}
+
 #toolbar-menubar[autohide="true"] {
   overflow: hidden;
 }

browser/base/content/browser.js

@@ -67,7 +67,6 @@ XPCOMUtils.defineLazyModuleGetters(this, {
   RFPHelper: "resource://gre/modules/RFPHelper.jsm",
   SafeBrowsing: "resource://gre/modules/SafeBrowsing.jsm",
   Sanitizer: "resource:///modules/Sanitizer.jsm",
-  SaveToPocket: "chrome://pocket/content/SaveToPocket.jsm",
   ScreenshotsUtils: "resource:///modules/ScreenshotsUtils.jsm",
   SessionStartup: "resource:///modules/sessionstore/SessionStartup.jsm",
   SessionStore: "resource:///modules/sessionstore/SessionStore.jsm",
@@ -223,6 +222,16 @@ XPCOMUtils.defineLazyScriptGetter(
   ["DownloadsButton", "DownloadsIndicatorView"],
   "chrome://browser/content/downloads/indicator.js"
 );
+XPCOMUtils.defineLazyScriptGetter(
+  this,
+  ["SecurityLevelButton"],
+  "chrome://browser/content/securitylevel/securityLevel.js"
+);
+XPCOMUtils.defineLazyScriptGetter(
+  this,
+  ["NewIdentityButton"],
+  "chrome://browser/content/newidentity.js"
+);
 XPCOMUtils.defineLazyScriptGetter(
   this,
   "gEditItemOverlay",
@@ -1772,6 +1781,12 @@ var gBrowserInit = {
     // doesn't flicker as the window is being shown.
     DownloadsButton.init();
 
+    // Init the SecuritySettingsButton
+    SecurityLevelButton.init();
+
+    // Init the NewIdentityButton
+    NewIdentityButton.init();
+
     // Certain kinds of automigration rely on this notification to complete
     // their tasks BEFORE the browser window is shown. SessionStore uses it to
     // restore tabs into windows AFTER important parts like gMultiProcessBrowser
@@ -2492,6 +2507,10 @@ var gBrowserInit = {
 
     DownloadsButton.uninit();
 
+    SecurityLevelButton.uninit();
+
+    NewIdentityButton.uninit();
+
     gAccessibilityServiceIndicator.uninit();
 
     if (gToolbarKeyNavEnabled) {
@@ -4807,6 +4826,10 @@ let gShareUtils = {
    * Updates a sharing item in a given menu, creating it if necessary.
    */
   updateShareURLMenuItem(browser, insertAfterEl) {
+    if (!Services.prefs.getBoolPref("browser.share_menu.allow", false)) {
+      return false;
+    }
+
     // We only support "share URL" on macOS and on Windows 10:
     if (
       AppConstants.platform != "macosx" &&
@@ -5418,8 +5441,6 @@ var XULBrowserWindow = {
 
     SafeBrowsingNotificationBox.onLocationChange(aLocationURI);
 
-    SaveToPocket.onLocationChange(window);
-
     UrlbarProviderSearchTips.onLocationChange(
       window,
       aLocationURI,
@@ -5980,6 +6001,7 @@ var TabsProgressListener = {
   onStateChange(aBrowser, aWebProgress, aRequest, aStateFlags, aStatus) {
     // Collect telemetry data about tab load times.
     if (
+      AppConstants.MOZ_TELEMETRY_REPORTING &&
       aWebProgress.isTopLevel &&
       (!aRequest.originalURI || aRequest.originalURI.scheme != "about")
     ) {

browser/base/content/browser.xhtml

@@ -20,6 +20,8 @@
 <?xml-stylesheet href="chrome://browser/content/browser.css" type="text/css"?>
 <?xml-stylesheet href="chrome://browser/content/tabbrowser.css" type="text/css"?>
 <?xml-stylesheet href="chrome://browser/content/downloads/downloads.css" type="text/css"?>
+<?xml-stylesheet href="chrome://browser/content/securitylevel/securityLevelPanel.css"?>
+<?xml-stylesheet href="chrome://browser/content/securitylevel/securityLevelButton.css"?>
 <?xml-stylesheet href="chrome://browser/content/places/places.css" type="text/css"?>
 <?xml-stylesheet href="chrome://browser/content/usercontext/usercontext.css" type="text/css"?>
 <?xml-stylesheet href="chrome://browser/skin/" type="text/css"?>
@@ -85,6 +87,7 @@
 #ifdef NIGHTLY_BUILD
   <link rel="localization" href="preview/firefoxView.ftl"/>
 #endif
+  <link rel="localization" href="browser/languageNotification.ftl"/>
 
   <title data-l10n-id="browser-main-window-title"></title>
 
@@ -112,6 +115,7 @@
   Services.scriptloader.loadSubScript("chrome://browser/content/places/places-menupopup.js", this);
   Services.scriptloader.loadSubScript("chrome://browser/content/search/autocomplete-popup.js", this);
   Services.scriptloader.loadSubScript("chrome://browser/content/search/searchbar.js", this);
+  Services.scriptloader.loadSubScript("chrome://browser/content/languageNotification.js", this);
 
   window.onload = gBrowserInit.onLoad.bind(gBrowserInit);
   window.onunload = gBrowserInit.onUnload.bind(gBrowserInit);

browser/base/content/fullscreen-and-pointerlock.inc.xhtml

@@ -3,7 +3,7 @@
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 <html:div id="fullscreen-and-pointerlock-wrapper">
-  <html:div id="fullscreen-warning" class="pointerlockfswarning" hidden="true">
+  <html:div id="fullscreen-warning" class="pointerlockfswarning" hidden="">
     <html:div class="pointerlockfswarning-domain-text">
       <html:span class="pointerlockfswarning-domain" data-l10n-name="domain"/>
     </html:div>
@@ -20,7 +20,7 @@
     </html:button>
   </html:div>
 
-  <html:div id="pointerlock-warning" class="pointerlockfswarning" hidden="true">
+  <html:div id="pointerlock-warning" class="pointerlockfswarning" hidden="">
     <html:div class="pointerlockfswarning-domain-text">
       <html:span class="pointerlockfswarning-domain" data-l10n-name="domain"/>
     </html:div>

browser/base/content/languageNotification.js

+"use strict";
+
+// Show a prompt to suggest to the user that they can change the UI language.
+// Show it only the first time, and then do not show it anymore
+window.addEventListener("load", async () => {
+  const PREF_NAME = "intl.language_notification.shown";
+
+  if (Services.prefs.getBoolPref(PREF_NAME, false)) {
+    return;
+  }
+
+  // Already customized, we do not suggest to change it again...
+  if (Services.prefs.getCharPref("intl.locale.requested", "") !== "") {
+    // ... and we never show the notification, either
+    Services.prefs.setBoolPref(PREF_NAME, true);
+    return;
+  }
+
+  // In sync with our changes on browser/components/preferences/main.js for
+  // tor-browser#41369 and tor-browser#41372.
+  const code =
+    Services.locale.appLocaleAsBCP47 === "ja-JP-macos"
+      ? "ja"
+      : Services.locale.appLocaleAsBCP47;
+  const language = Services.intl
+    .getLocaleDisplayNames(undefined, [code], { preferNative: true })[0]
+    .replace(/\s*\(.+\)$/g, "");
+
+  // We want to determine whether the current locale was chosen based on the
+  // system locales, in which case langauge negotiation returns a match, or
+  // whether it simply defaulted to en-US.
+  const matchingSystem = !!Services.locale.negotiateLanguages(
+    // Since intl.locale.requested is empty, we expect requestedLocales to match
+    // the user's system locales.
+    Services.locale.requestedLocales,
+    Services.locale.availableLocales
+  ).length;
+  const label = await document.l10n.formatValue(
+    matchingSystem
+      ? "language-notification-label-system"
+      : "language-notification-label",
+    { language }
+  );
+
+  const buttons = [
+    {
+      "l10n-id": "language-notification-button",
+      callback() {
+        openPreferences("general-language");
+      },
+    },
+  ];
+
+  gNotificationBox.appendNotification(
+    "language-notification",
+    {
+      label,
+      priority: gNotificationBox.PRIORITY_INFO_HIGH,
+    },
+    buttons
+  );
+
+  // We do not wait for the user to either click on the button or dismiss the
+  // notification: after we have shown it once, we take for granted that the
+  // user has seen it and we never show it again.
+  Services.prefs.setBoolPref(PREF_NAME, true);
+});

browser/base/content/main-popupset.inc.xhtml

@@ -534,6 +534,7 @@
 #include ../../components/controlcenter/content/protectionsPanel.inc.xhtml
 #include ../../components/downloads/content/downloadsPanel.inc.xhtml
 #include ../../../devtools/startup/enableDevToolsPopup.inc.xhtml
+#include ../../components/securitylevel/content/securityLevelPanel.inc.xhtml
 #include browser-allTabsMenu.inc.xhtml
 
   <tooltip id="dynamic-shortcut-tooltip"

browser/base/content/navigator-toolbox.inc.xhtml

@@ -405,6 +405,8 @@
         </box>
       </toolbarbutton>
 
+#include ../../components/securitylevel/content/securityLevelButton.inc.xhtml
+
       <toolbarbutton id="fxa-toolbar-menu-button" class="toolbarbutton-1 chromeclass-toolbar-additional subviewbutton-nav"
                      badged="true"
                      onmousedown="gSync.toggleAccountPanel(this, event)"
@@ -535,6 +537,8 @@
                    ondragover="newWindowButtonObserver.onDragOver(event)"
                    ondragenter="newWindowButtonObserver.onDragOver(event)"/>
 
+    <toolbarbutton id="new-identity-button" class="toolbarbutton-1 chromeclass-toolbar-additional"/>
+
     <toolbarbutton id="fullscreen-button" class="toolbarbutton-1 chromeclass-toolbar-additional"
                    observes="View:FullScreen"
                    type="checkbox"

browser/base/content/test/fullscreen/browser_fullscreen_warning.js

@@ -3,14 +3,35 @@
 
 "use strict";
 
-add_task(async function test_fullscreen_display_none() {
+function checkWarningState(aWarningElement, aExpectedState, aMsg) {
+  ["hidden", "ontop", "onscreen"].forEach(state => {
+    is(
+      aWarningElement.hasAttribute(state),
+      state == aExpectedState,
+      `${aMsg} - check ${state} attribute.`
+    );
+  });
+}
+
+async function waitForWarningState(aWarningElement, aExpectedState) {
+  await BrowserTestUtils.waitForAttribute(aExpectedState, aWarningElement, "");
+  checkWarningState(
+    aWarningElement,
+    aExpectedState,
+    `Wait for ${aExpectedState} state`
+  );
+}
+
+add_setup(async function init() {
   await SpecialPowers.pushPrefEnv({
     set: [
       ["full-screen-api.enabled", true],
       ["full-screen-api.allow-trusted-requests-only", false],
     ],
   });
+});
 
+add_task(async function test_fullscreen_display_none() {
   await BrowserTestUtils.withNewTab(
     {
       gBrowser,
@@ -30,11 +51,13 @@ add_task(async function test_fullscreen_display_none() {
     },
     async function(browser) {
       let warning = document.getElementById("fullscreen-warning");
-      let warningShownPromise = BrowserTestUtils.waitForAttribute(
-        "onscreen",
+      checkWarningState(
         warning,
-        "true"
+        "hidden",
+        "Should not show full screen warning initially"
       );
+
+      let warningShownPromise = waitForWarningState(warning, "onscreen");
       // Enter fullscreen
       await SpecialPowers.spawn(browser, [], async () => {
         let frame = content.document.querySelector("iframe");
@@ -54,39 +77,33 @@ add_task(async function test_fullscreen_display_none() {
       );
       document.getElementById("fullscreen-exit-button").click();
       await exitFullscreenPromise;
+
+      checkWarningState(
+        warning,
+        "hidden",
+        "Should hide fullscreen warning after exiting fullscreen"
+      );
     }
   );
 });
 
 add_task(async function test_fullscreen_pointerlock_conflict() {
-  await SpecialPowers.pushPrefEnv({
-    set: [
-      ["full-screen-api.enabled", true],
-      ["full-screen-api.allow-trusted-requests-only", false],
-    ],
-  });
-
   await BrowserTestUtils.withNewTab("https://example.com", async browser => {
     let fsWarning = document.getElementById("fullscreen-warning");
     let plWarning = document.getElementById("pointerlock-warning");
 
-    is(
-      fsWarning.getAttribute("onscreen"),
-      null,
-      "Should not show full screen warning initially."
-    );
-    is(
-      plWarning.getAttribute("onscreen"),
-      null,
-      "Should not show pointer lock warning initially."
-    );
-
-    let fsWarningShownPromise = BrowserTestUtils.waitForAttribute(
-      "onscreen",
+    checkWarningState(
       fsWarning,
-      "true"
+      "hidden",
+      "Should not show full screen warning initially"
+    );
+    checkWarningState(
+      plWarning,
+      "hidden",
+      "Should not show pointer lock warning initially"
     );
 
+    let fsWarningShownPromise = waitForWarningState(fsWarning, "onscreen");
     info("Entering full screen and pointer lock.");
     await SpecialPowers.spawn(browser, [], async () => {
       await content.document.body.requestFullscreen();
@@ -94,15 +111,10 @@ add_task(async function test_fullscreen_pointerlock_conflict() {
     });
 
     await fsWarningShownPromise;
-    is(
-      fsWarning.getAttribute("onscreen"),
-      "true",
-      "Should show full screen warning."
-    );
-    is(
-      plWarning.getAttribute("onscreen"),
-      null,
-      "Should not show pointer lock warning."
+    checkWarningState(
+      plWarning,
+      "hidden",
+      "Should not show pointer lock warning"
     );
 
     info("Exiting pointerlock");
@@ -110,18 +122,19 @@ add_task(async function test_fullscreen_pointerlock_conflict() {
       await content.document.exitPointerLock();
     });
 
-    is(
-      fsWarning.getAttribute("onscreen"),
-      "true",
-      "Should still show full screen warning."
+    checkWarningState(
+      fsWarning,
+      "onscreen",
+      "Should still show full screen warning"
     );
-    is(
-      plWarning.getAttribute("onscreen"),
-      null,
-      "Should not show pointer lock warning."
+    checkWarningState(
+      plWarning,
+      "hidden",
+      "Should not show pointer lock warning"
     );
 
     // Cleanup
+    info("Exiting fullscreen");
     await document.exitFullscreen();
   });
 });

browser/base/jar.mn

@@ -106,8 +106,9 @@ browser.jar:
         content/browser/spotlight.js                  (content/spotlight.js)
 *       content/browser/default-bookmarks.html        (content/default-bookmarks.html)
 
+        content/browser/languageNotification.js       (content/languageNotification.js)
+
 % override chrome://global/content/netError.xhtml chrome://browser/content/certerror/aboutNetError.xhtml
 
 # L10n resources and overrides.
-% override chrome://global/locale/appstrings.properties chrome://browser/locale/appstrings.properties
 % override chrome://global/locale/netError.dtd chrome://browser/locale/netError.dtd

browser/base/moz.build

@@ -87,6 +87,9 @@ if CONFIG["OS_ARCH"] == "WINNT" and CONFIG["MOZ_DEFAULT_BROWSER_AGENT"]:
     # Impacts `/toolkit/content/license.html`.
     DEFINES["MOZ_DEFAULT_BROWSER_AGENT"] = True
 
+if CONFIG["BASE_BROWSER_UPDATE"]:
+    DEFINES["BASE_BROWSER_UPDATE"] = True
+
 JAR_MANIFESTS += ["jar.mn"]
 
 GeneratedFile(

browser/components/BrowserContentHandler.jsm

@@ -37,6 +37,9 @@ XPCOMUtils.defineLazyGetter(this, "gSystemPrincipal", () =>
 );
 XPCOMUtils.defineLazyGlobalGetters(this, [URL]);
 
+const FORK_VERSION_PREF =
+  "browser.startup.homepage_override.basebrowser.version";
+
 // One-time startup homepage override configurations
 const ONCE_DOMAINS = ["mozilla.org", "firefox.com"];
 const ONCE_PREF = "browser.startup.homepage_override.once";
@@ -100,7 +103,8 @@ const OVERRIDE_NEW_BUILD_ID = 3;
  * Returns:
  *  OVERRIDE_NEW_PROFILE if this is the first run with a new profile.
  *  OVERRIDE_NEW_MSTONE if this is the first run with a build with a different
- *                      Gecko milestone (i.e. right after an upgrade).
+ *                      Gecko milestone or fork version (i.e. right after an
+ *                      upgrade).
  *  OVERRIDE_NEW_BUILD_ID if this is the first run with a new build ID of the
  *                        same Gecko milestone (i.e. after a nightly upgrade).
  *  OVERRIDE_NONE otherwise.
@@ -117,6 +121,8 @@ function needHomepageOverride(prefb) {
 
   var mstone = Services.appinfo.platformVersion;
 
+  var savedForkVersion = prefb.getCharPref(FORK_VERSION_PREF, null);
+
   var savedBuildID = prefb.getCharPref(
     "browser.startup.homepage_override.buildID",
     ""
@@ -138,9 +144,16 @@ function needHomepageOverride(prefb) {
 
     prefb.setCharPref("browser.startup.homepage_override.mstone", mstone);
     prefb.setCharPref("browser.startup.homepage_override.buildID", buildID);
+    prefb.setCharPref(FORK_VERSION_PREF, AppConstants.BASE_BROWSER_VERSION);
     return savedmstone ? OVERRIDE_NEW_MSTONE : OVERRIDE_NEW_PROFILE;
   }
 
+  if (AppConstants.BASE_BROWSER_VERSION != savedForkVersion) {
+    prefb.setCharPref("browser.startup.homepage_override.buildID", buildID);
+    prefb.setCharPref(FORK_VERSION_PREF, AppConstants.BASE_BROWSER_VERSION);
+    return OVERRIDE_NEW_MSTONE;
+  }
+
   if (buildID != savedBuildID) {
     prefb.setCharPref("browser.startup.homepage_override.buildID", buildID);
     return OVERRIDE_NEW_BUILD_ID;
@@ -651,6 +664,10 @@ nsBrowserContentHandler.prototype = {
         "browser.startup.homepage_override.buildID",
         "unknown"
       );
+
+      // We do the same for the fork version.
+      let old_forkVersion = prefb.getCharPref(FORK_VERSION_PREF, null);
+
       override = needHomepageOverride(prefb);
       if (override != OVERRIDE_NONE) {
         switch (override) {
@@ -662,8 +679,8 @@ nsBrowserContentHandler.prototype = {
             additionalPage = Services.urlFormatter.formatURLPref(
               "startup.homepage_welcome_url.additional"
             );
-            // Turn on 'later run' pages for new profiles.
-            LaterRun.enabled = true;
+            // Disable 'later run' pages for new profiles (tor-browser#41568)
+            LaterRun.enabled = false;
             break;
           case OVERRIDE_NEW_MSTONE:
             // Check whether we will restore a session. If we will, we assume
@@ -677,9 +694,10 @@ nsBrowserContentHandler.prototype = {
               "startup.homepage_override_url"
             );
             let update = UpdateManager.readyUpdate;
+            let old_version = old_forkVersion ? old_forkVersion : old_mstone;
             if (
               update &&
-              Services.vc.compare(update.appVersion, old_mstone) > 0
+              Services.vc.compare(update.appVersion, old_version) > 0
             ) {
               overridePage = getPostUpdateOverridePage(update, overridePage);
               // Send the update ping to signal that the update was successful.
@@ -687,6 +705,10 @@ nsBrowserContentHandler.prototype = {
             }
 
             overridePage = overridePage.replace("%OLD_VERSION%", old_mstone);
+            overridePage = overridePage.replace(
+              "%OLD_BASE_BROWSER_VERSION%",
+              old_forkVersion
+            );
             break;
           case OVERRIDE_NEW_BUILD_ID:
             if (UpdateManager.readyUpdate) {

browser/components/BrowserGlue.jsm

@@ -18,13 +18,9 @@ const { AppConstants } = ChromeUtils.import(
 );
 
 XPCOMUtils.defineLazyModuleGetters(this, {
-  AboutNewTab: "resource:///modules/AboutNewTab.jsm",
   ActorManagerParent: "resource://gre/modules/ActorManagerParent.jsm",
   AddonManager: "resource://gre/modules/AddonManager.jsm",
   AppMenuNotifications: "resource://gre/modules/AppMenuNotifications.jsm",
-  ASRouterDefaultConfig:
-    "resource://activity-stream/lib/ASRouterDefaultConfig.jsm",
-  ASRouterNewTabHook: "resource://activity-stream/lib/ASRouterNewTabHook.jsm",
   ASRouter: "resource://activity-stream/lib/ASRouter.jsm",
   AsyncShutdown: "resource://gre/modules/AsyncShutdown.jsm",
   BackgroundUpdate: "resource://gre/modules/BackgroundUpdate.jsm",
@@ -79,7 +75,6 @@ XPCOMUtils.defineLazyModuleGetters(this, {
   RFPHelper: "resource://gre/modules/RFPHelper.jsm",
   SafeBrowsing: "resource://gre/modules/SafeBrowsing.jsm",
   Sanitizer: "resource:///modules/Sanitizer.jsm",
-  SaveToPocket: "chrome://pocket/content/SaveToPocket.jsm",
   ScreenshotsUtils: "resource:///modules/ScreenshotsUtils.jsm",
   SearchSERPTelemetry: "resource:///modules/SearchSERPTelemetry.jsm",
   SessionStartup: "resource:///modules/sessionstore/SessionStartup.jsm",
@@ -226,28 +221,6 @@ let JSWINDOWACTORS = {
     remoteTypes: ["privilegedabout"],
   },
 
-  AboutNewTab: {
-    parent: {
-      moduleURI: "resource:///actors/AboutNewTabParent.jsm",
-    },
-    child: {
-      moduleURI: "resource:///actors/AboutNewTabChild.jsm",
-      events: {
-        DOMContentLoaded: {},
-        pageshow: {},
-        visibilitychange: {},
-      },
-    },
-    // The wildcard on about:newtab is for the ?endpoint query parameter
-    // that is used for snippets debugging. The wildcard for about:home
-    // is similar, and also allows for falling back to loading the
-    // about:home document dynamically if an attempt is made to load
-    // about:home?jscache from the AboutHomeStartupCache as a top-level
-    // load.
-    matches: ["about:home*", "about:welcome", "about:newtab*"],
-    remoteTypes: ["privilegedabout"],
-  },
-
   AboutPlugins: {
     parent: {
       moduleURI: "resource:///actors/AboutPluginsParent.jsm",
@@ -263,26 +236,6 @@ let JSWINDOWACTORS = {
     matches: ["about:plugins"],
   },
 
-  AboutPocket: {
-    parent: {
-      moduleURI: "resource:///actors/AboutPocketParent.jsm",
-    },
-    child: {
-      moduleURI: "resource:///actors/AboutPocketChild.jsm",
-
-      events: {
-        DOMDocElementInserted: { capture: true },
-      },
-    },
-
-    matches: [
-      "about:pocket-saved*",
-      "about:pocket-signup*",
-      "about:pocket-home*",
-      "about:pocket-style-guide*",
-    ],
-  },
-
   AboutPrivateBrowsing: {
     parent: {
       moduleURI: "resource:///actors/AboutPrivateBrowsingParent.jsm",
@@ -717,27 +670,6 @@ let JSWINDOWACTORS = {
     matches: ["about:studies*"],
   },
 
-  ASRouter: {
-    parent: {
-      moduleURI: "resource:///actors/ASRouterParent.jsm",
-    },
-    child: {
-      moduleURI: "resource:///actors/ASRouterChild.jsm",
-      events: {
-        // This is added so the actor instantiates immediately and makes
-        // methods available to the page js on load.
-        DOMDocElementInserted: {},
-      },
-    },
-    matches: [
-      "about:home*",
-      "about:newtab*",
-      "about:welcome*",
-      "about:privatebrowsing",
-    ],
-    remoteTypes: ["privilegedabout"],
-  },
-
   SwitchDocumentDirection: {
     child: {
       moduleURI: "resource:///actors/SwitchDocumentDirectionChild.jsm",
@@ -1248,6 +1180,20 @@ BrowserGlue.prototype = {
     // handle any UI migration
     this._migrateUI();
 
+    // Clear possibly auto enabled enterprise_roots prefs (see bug 40166)
+    if (
+      !Services.prefs.getBoolPref(
+        "security.certerrors.mitm.auto_enable_enterprise_roots"
+      ) &&
+      Services.prefs.getBoolPref(
+        "security.enterprise_roots.auto-enabled",
+        false
+      )
+    ) {
+      Services.prefs.clearUserPref("security.enterprise_roots.enabled");
+      Services.prefs.clearUserPref("security.enterprise_roots.auto-enabled");
+    }
+
     if (!Services.prefs.prefHasUserValue(PREF_PDFJS_ISDEFAULT_CACHE_STATE)) {
       PdfJs.checkIsDefault(this._isNewProfile);
     }
@@ -1262,8 +1208,6 @@ BrowserGlue.prototype = {
       Normandy.init();
     }
 
-    SaveToPocket.init();
-
     AboutHomeStartupCache.init();
 
     Services.obs.notifyObservers(null, "browser-ui-startup-complete");
@@ -1586,8 +1530,6 @@ BrowserGlue.prototype = {
 
   // the first browser window has finished initializing
   _onFirstWindowLoaded: function BG__onFirstWindowLoaded(aWindow) {
-    AboutNewTab.init();
-
     TabCrashHandler.init();
 
     ProcessHangMonitor.init();
@@ -1679,7 +1621,9 @@ BrowserGlue.prototype = {
     this._firstWindowTelemetry(aWindow);
     this._firstWindowLoaded();
 
-    this._collectStartupConditionsTelemetry();
+    if (AppConstants.MOZ_TELEMETRY_REPORTING) {
+      this._collectStartupConditionsTelemetry();
+    }
 
     // Set the default favicon size for UI views that use the page-icon protocol.
     PlacesUtils.favicons.setDefaultIconURIPreferredSize(
@@ -1990,9 +1934,14 @@ BrowserGlue.prototype = {
       () => PageDataService.uninit(),
       () => PageThumbs.uninit(),
       () => NewTabUtils.uninit(),
-      () => Normandy.uninit(),
+
+      () => {
+        if (AppConstants.MOZ_NORMANDY) {
+          Normandy.uninit();
+        }
+      },
+
       () => RFPHelper.uninit(),
-      () => ASRouterNewTabHook.destroy(),
       () => UpdateListener.reset(),
     ];
 
@@ -2069,19 +2018,21 @@ BrowserGlue.prototype = {
     // There is no pref for this add-on because it shouldn't be disabled.
     const ID = "addons-search-detection@mozilla.com";
 
-    let addon = await AddonManager.getAddonByID(ID);
+    try {
+      let addon = await AddonManager.getAddonByID(ID);
 
-    // first time install of addon and install on firefox update
-    addon =
-      (await AddonManager.maybeInstallBuiltinAddon(
-        ID,
-        "2.0.0",
-        "resource://builtin-addons/search-detection/"
-      )) || addon;
+      // first time install of addon and install on firefox update
+      addon =
+        (await AddonManager.maybeInstallBuiltinAddon(
+          ID,
+          "2.0.0",
+          "resource://builtin-addons/search-detection/"
+        )) || addon;
 
-    if (!addon.isActive) {
-      addon.enable();
-    }
+      if (addon && !addon.isActive) {
+        addon.enable();
+      }
+    } catch (e) {}
   },
 
   _monitorHTTPSOnlyPref() {
@@ -2331,8 +2282,6 @@ BrowserGlue.prototype = {
     this._monitorScreenshotsPref();
     this._monitorWebcompatReporterPref();
     this._monitorHTTPSOnlyPref();
-    this._monitorIonPref();
-    this._monitorIonStudies();
     this._setupSearchDetection();
 
     this._monitorGPCPref();
@@ -2627,11 +2576,23 @@ BrowserGlue.prototype = {
 
       {
         task: () => {
-          // Init the url query stripping list.
-          let urlQueryStrippingListService = Cc[
-            "@mozilla.org/query-stripping-list-service;1"
-          ].getService(Ci.nsIURLQueryStrippingListService);
-          urlQueryStrippingListService.init();
+          // tor-browser#40788: Do not initialize
+          // nsIURLQueryStrippingListService to prevent it from initializing
+          // its remote settings if it's disabled.
+          // See also https://bugzilla.mozilla.org/show_bug.cgi?id=1812594
+          let enabledPref = "privacy.query_stripping.enabled";
+          let enabledPBMPref = "privacy.query_stripping.enabled.pbmode";
+
+          if (
+            Services.prefs.getBoolPref(enabledPref, false) ||
+            Services.prefs.getBoolPref(enabledPBMPref, false)
+          ) {
+            // Init the url query stripping list.
+            let urlQueryStrippingListService = Cc[
+              "@mozilla.org/query-stripping-list-service;1"
+            ].getService(Ci.nsIURLQueryStrippingListService);
+            urlQueryStrippingListService.init();
+          }
         },
       },
 
@@ -2701,12 +2662,6 @@ BrowserGlue.prototype = {
         },
       },
 
-      {
-        task: () => {
-          ASRouterNewTabHook.createInstance(ASRouterDefaultConfig());
-        },
-      },
-
       {
         condition: AppConstants.MOZ_UPDATE_AGENT,
         task: () => {
@@ -2861,13 +2816,21 @@ BrowserGlue.prototype = {
         }
       },
 
-      () => BrowserUsageTelemetry.reportProfileCount(),
+      () => {
+        if (AppConstants.MOZ_TELEMETRY_REPORTING) {
+          BrowserUsageTelemetry.reportProfileCount();
+        }
+      },
 
       () => OsEnvironment.reportAllowedAppSources(),
 
       () => Services.search.runBackgroundChecks(),
 
-      () => BrowserUsageTelemetry.reportInstallationTelemetry(),
+      () => {
+        if (AppConstants.MOZ_TELEMETRY_REPORTING) {
+          BrowserUsageTelemetry.reportInstallationTelemetry();
+        }
+      },
     ];
 
     for (let task of idleTasks) {
@@ -5792,12 +5755,8 @@ var AboutHomeStartupCache = {
       return { pageInputStream: null, scriptInputStream: null };
     }
 
-    let state = AboutNewTab.activityStream.store.getState();
-    return new Promise(resolve => {
-      this._cacheDeferred = resolve;
-      this.log.trace("Parent is requesting cache streams.");
-      this._procManager.sendAsyncMessage(this.CACHE_REQUEST_MESSAGE, { state });
-    });
+    this.log.error("Activity Stream is disabled.");
+    return { pageInputStream: null, scriptInputStream: null };
   },
 
   /**

browser/components/about/AboutRedirector.cpp

@@ -70,12 +70,14 @@ static const RedirEntry kRedirMap[] = {
          nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS |
          nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
          nsIAboutModule::IS_SECURE_CHROME_UI},
+#ifndef BASE_BROWSER_VERSION
     {"firefoxview", "chrome://browser/content/firefoxview.html",
      nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::IS_SECURE_CHROME_UI |
          nsIAboutModule::HIDE_FROM_ABOUTABOUT},
+#endif
     {"policies", "chrome://browser/content/policies/aboutPolicies.html",
      nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::IS_SECURE_CHROME_UI},
-    {"privatebrowsing", "chrome://browser/content/aboutPrivateBrowsing.html",
+    {"privatebrowsing", "about:blank",
      nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
          nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT |
          nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS},
@@ -106,6 +108,7 @@ static const RedirEntry kRedirMap[] = {
          nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS |
          nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
          nsIAboutModule::ALLOW_SCRIPT},
+#ifndef BASE_BROWSER_VERSION
     {"pocket-saved", "chrome://pocket/content/panels/saved.html",
      nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
          nsIAboutModule::URI_CAN_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT |
@@ -122,6 +125,7 @@ static const RedirEntry kRedirMap[] = {
      nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
          nsIAboutModule::URI_CAN_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT |
          nsIAboutModule::HIDE_FROM_ABOUTABOUT},
+#endif
     {"preferences", "chrome://browser/content/preferences/preferences.xhtml",
      nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::IS_SECURE_CHROME_UI},
     {"downloads",
@@ -133,14 +137,6 @@ static const RedirEntry kRedirMap[] = {
          nsIAboutModule::HIDE_FROM_ABOUTABOUT},
     {"restartrequired", "chrome://browser/content/aboutRestartRequired.xhtml",
      nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT},
-    {"protections", "chrome://browser/content/protections.html",
-     nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
-         nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT |
-         nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS |
-         nsIAboutModule::IS_SECURE_CHROME_UI},
-    {"ion", "chrome://browser/content/ion.html",
-     nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT |
-         nsIAboutModule::IS_SECURE_CHROME_UI},
 };
 
 static nsAutoCString GetAboutModuleName(nsIURI* aURI) {
@@ -194,7 +190,8 @@ AboutRedirector::NewChannel(nsIURI* aURI, nsILoadInfo* aLoadInfo,
       // enabled about:newtab. Disabled about:newtab page uses fallback.
       if (path.EqualsLiteral("home") ||
           (StaticPrefs::browser_newtabpage_enabled() &&
-           path.EqualsLiteral("newtab"))) {
+           path.EqualsLiteral("newtab")) ||
+          path.EqualsLiteral("privatebrowsing")) {
         nsCOMPtr<nsIAboutNewTabService> aboutNewTabService =
             do_GetService("@mozilla.org/browser/aboutnewtab-service;1", &rv);
         NS_ENSURE_SUCCESS(rv, rv);

browser/components/about/components.conf

@@ -12,17 +12,10 @@ pages = [
     'home',
     'logins',
     'loginsimportreport',
-    'firefoxview',
     'newtab',
-    'ion',
-    'pocket-home',
-    'pocket-saved',
-    'pocket-signup',
-    'pocket-style-guide',
     'policies',
     'preferences',
     'privatebrowsing',
-    'protections',
     'profiling',
     'reader',
     'restartrequired',

browser/components/aboutlogins/AboutLoginsParent.jsm

@@ -62,6 +62,7 @@ XPCOMUtils.defineLazyGetter(this, "AboutLoginsL10n", () => {
 const ABOUT_LOGINS_ORIGIN = "about:logins";
 const AUTH_TIMEOUT_MS = 5 * 60 * 1000; // 5 minutes
 const PRIMARY_PASSWORD_NOTIFICATION_ID = "primary-password-login-required";
+const NOCERTDB_PREF = "security.nocertdb";
 
 // about:logins will always use the privileged content process,
 // even if it is disabled for other consumers such as about:newtab.
@@ -323,6 +324,7 @@ class AboutLoginsParent extends JSWindowActorParent {
         importVisible:
           Services.policies.isAllowed("profileImport") &&
           AppConstants.platform != "linux",
+        canCreateLogins: !Services.prefs.getBoolPref(NOCERTDB_PREF, false),
       });
 
       await AboutLogins.sendAllLoginRelatedObjects(

browser/components/aboutlogins/content/aboutLogins.css

@@ -62,6 +62,11 @@ login-item[data-editing="true"] + login-intro,
   display: none;
 }
 
+/* Do not promote Mozilla Sync. */
+login-intro {
+  display: none !important;
+}
+
 .heading-wrapper {
   display: flex;
   justify-content: center;

browser/components/aboutlogins/content/aboutLogins.js

@@ -22,6 +22,9 @@ const gElements = {
       ".menuitem-remove-all-logins"
     );
   },
+  get createNewLoginButton() {
+    return this.loginList.shadowRoot.querySelector(".create-login-button");
+  },
 };
 
 let numberOfLogins = 0;
@@ -128,6 +131,9 @@ window.addEventListener("AboutLoginsChromeToContent", event => {
       gElements.loginList.setSortDirection(event.detail.value.selectedSort);
       document.documentElement.classList.add("initialized");
       gElements.loginList.classList.add("initialized");
+      if (!event.detail.value.canCreateLogins) {
+        gElements.createNewLoginButton.disabled = true;
+      }
       break;
     }
     case "ShowLoginItemError": {

browser/components/aboutlogins/content/components/fxaccounts-button.css

@@ -8,6 +8,11 @@
   align-items: center;
 }
 
+/* Do not promote Mozilla Sync. */
+.logged-out-view {
+  display: none !important;
+}
+
 .fxaccounts-extra-text {
   /* Only show at most 3 lines of text to limit the
      text from overflowing the header. */

browser/components/customizableui/CustomizableUI.jsm

@@ -65,6 +65,11 @@ const kSubviewEvents = ["ViewShowing", "ViewHiding"];
  */
 var kVersion = 17;
 
+/**
+ * The current version for base browser.
+ */
+var kVersionBaseBrowser = 1;
+
 /**
  * Buttons removed from built-ins by version they were removed. kVersion must be
  * bumped any time a new id is added to this. Use the button id as key, and
@@ -218,6 +223,7 @@ var CustomizableUIInternal = {
     this._updateForNewVersion();
     this._updateForNewProtonVersion();
     this._markObsoleteBuiltinButtonsSeen();
+    this._updateForBaseBrowser();
 
     this.registerArea(
       CustomizableUI.AREA_FIXED_OVERFLOW_PANEL,
@@ -236,10 +242,15 @@ var CustomizableUIInternal = {
       Services.policies.isAllowed("removeHomeButtonByDefault")
         ? null
         : "home-button",
-      "spring",
+      // Don't want springs either side of the urlbar. tor-browser#41736
       "urlbar-container",
-      "spring",
-      "save-to-pocket-button",
+      // save-to-pocket-button is entirely disabled. See tor-browser#18886 and
+      // tor-browser#31602.
+      // Base-browser additions tor-browser#41736. If you want to add to, remove
+      // from, or rearrange this list, then bump the kVersionBaseBrowser and
+      // update existing saved states in _updateForBaseBrowser.
+      "security-level-button",
+      "new-identity-button",
       "downloads-button",
       AppConstants.MOZ_DEV_EDITION ? "developer-button" : null,
       "fxa-toolbar-menu-button",
@@ -255,6 +266,10 @@ var CustomizableUIInternal = {
       },
       true
     );
+    // navbarPlacements does not match the initial default XHTML layout.
+    // Therefore we always need to rebuild the navbar area when
+    // registerToolbarNode is called. tor-browser#41736
+    gDirtyAreaCache.add(CustomizableUI.AREA_NAVBAR);
 
     if (AppConstants.MENUBAR_CAN_AUTOHIDE) {
       this.registerArea(
@@ -687,6 +702,104 @@ var CustomizableUIInternal = {
     }
   },
 
+  _updateForBaseBrowser() {
+    if (!gSavedState) {
+      // Use the defaults.
+      return;
+    }
+
+    const currentVersion = gSavedState.currentVersionBaseBrowser;
+
+    if (currentVersion < 1) {
+      // NOTE: In base-browser/tor-browser version 12.5a5, and earlier, the
+      // toolbar was configured by setting the full JSON string for the default
+      // "browser.uiCustomization.state" preference value. The disadvantage is
+      // that we could not update this value in a way that existing users (who
+      // would have non-default preference values) would also get the desired
+      // change (e.g. for adding or removing a button).
+      //
+      // With tor-browser#41736 we want to switch to changing the toolbar
+      // dynamically like firefox. Therefore, this first version transfer simply
+      // gets the toolbar into the same state we wanted before, away from the
+      // default firefox state.
+      //
+      // If an existing user state aligned with the previous default
+      // "browser.uiCustomization.state" then this shouldn't visibly change
+      // anything.
+      // If a user explicitly customized the toolbar to go back to the firefox
+      // default, then this may undo those changes.
+      const navbarPlacements =
+        gSavedState.placements[CustomizableUI.AREA_NAVBAR];
+      if (navbarPlacements) {
+        const getBeforeAfterUrlbar = () => {
+          // NOTE: The urlbar is non-removable from the navbar, so should have
+          // an index.
+          const index = navbarPlacements.indexOf("urlbar-container");
+          let after = index + 1;
+          if (
+            after < navbarPlacements.length &&
+            navbarPlacements[after] === "search-container"
+          ) {
+            // Skip past the search-container.
+            after++;
+          }
+          return { before: index - 1, after };
+        };
+
+        // Remove the urlbar springs either side of the urlbar.
+        const { before, after } = getBeforeAfterUrlbar();
+        if (
+          after < navbarPlacements.length &&
+          this.matchingSpecials(navbarPlacements[after], "spring")
+        ) {
+          // Remove the spring after.
+          navbarPlacements.splice(after, 1);
+          // NOTE: The `before` index does not change.
+        }
+        if (
+          before >= 0 &&
+          this.matchingSpecials(navbarPlacements[before], "spring")
+        ) {
+          // Remove the spring before.
+          navbarPlacements.splice(before, 1);
+        }
+
+        // Make sure the security-level-button and new-identity-button appears
+        // in the toolbar.
+        for (const id of ["new-identity-button", "security-level-button"]) {
+          let alreadyAdded = false;
+          for (const placements of Object.values(gSavedState.placements)) {
+            if (placements.includes(id)) {
+              alreadyAdded = true;
+              break;
+            }
+          }
+          if (alreadyAdded) {
+            continue;
+          }
+
+          // Add to the nav-bar, after the urlbar-container.
+          // NOTE: We have already removed the spring after the urlbar.
+          navbarPlacements.splice(getBeforeAfterUrlbar().after, 0, id);
+        }
+      }
+
+      // Remove save-to-pocket-button. See tor-browser#18886 and
+      // tor-browser#31602.
+      for (const placements of Object.values(gSavedState.placements)) {
+        let buttonIndex = placements.indexOf("save-to-pocket-button");
+        if (buttonIndex != -1) {
+          placements.splice(buttonIndex, 1);
+        }
+      }
+
+      // Remove unused fields that used to be part of
+      // "browser.uiCustomization.state".
+      delete gSavedState.placements["PanelUI-contents"];
+      delete gSavedState.placements["addon-bar"];
+    }
+  },
+
   _placeNewDefaultWidgetsInArea(aArea) {
     let futurePlacedWidgets = gFuturePlacements.get(aArea);
     let savedPlacements =
@@ -2501,6 +2614,10 @@ var CustomizableUIInternal = {
       gSavedState.currentVersion = 0;
     }
 
+    if (!("currentVersionBaseBrowser" in gSavedState)) {
+      gSavedState.currentVersionBaseBrowser = 0;
+    }
+
     gSeenWidgets = new Set(gSavedState.seen || []);
     gDirtyAreaCache = new Set(gSavedState.dirtyAreaCache || []);
     gNewElementCount = gSavedState.newElementCount || 0;
@@ -2579,6 +2696,7 @@ var CustomizableUIInternal = {
       seen: gSeenWidgets,
       dirtyAreaCache: gDirtyAreaCache,
       currentVersion: kVersion,
+      currentVersionBaseBrowser: kVersionBaseBrowser,
       newElementCount: gNewElementCount,
     };