browser/components/securitylevel/content/securityLevelPanel.css

+/* Security Level CSS */
+
+#securityLevel-background {
+  /* xul:vbox with display: block will be correctly measured in size by the
+   * parent xul:panel, with line-wrapping taken into account, and allocated the
+   * required space. */
+  display: block;
+  min-height: 10em;
+  padding-inline: 16px;
+  background-repeat: no-repeat;
+  background-position-y: top 0.4em;
+  /* Icon center should be in-line with end padding.
+   * We set the right-to-left position here, and the left-to-right position
+   * below. */
+  --background-inline-offset: calc(16px - 4.5em);
+  background-position-x: left var(--background-inline-offset);
+  background-size: 9em 9em;
+  -moz-context-properties: fill, fill-opacity;
+  fill-opacity: 1;
+  fill: var(--button-bgcolor);
+}
+
+/* NOTE: Use ":dir" instead of ":-moz-locale-dir" when panel switches to HTML. */
+#securityLevel-background:-moz-locale-dir(ltr) {
+  background-position-x: right var(--background-inline-offset);
+}
+
+#securityLevel-background[level="standard"] {
+  background-image: url("chrome://browser/content/securitylevel/securityLevelIcon.svg#standard");
+}
+
+#securityLevel-background[level="safer"] {
+  background-image: url("chrome://browser/content/securitylevel/securityLevelIcon.svg#safer");
+}
+
+#securityLevel-background[level="safest"] {
+  background-image: url("chrome://browser/content/securitylevel/securityLevelIcon.svg#safest");
+}
+
+/* Override margin in panelUI-shared.css */
+#securityLevel-panel toolbarseparator#securityLevel-separator {
+  margin-inline: 16px;
+}
+
+#securityLevel-level {
+  font-size: 1.25em;
+  font-weight: 600;
+}
+
+#securityLevel-custom {
+  border-radius: 4px;
+  background-color: var(--warning-color);
+  color: black;
+  padding: 0.4em 0.5em;
+  margin-inline-start: 1em;
+}
+
+#securityLevel-summary {
+  padding-inline-end: 5em;
+  max-width: 20em;
+}

browser/components/securitylevel/content/securityLevelPanel.inc.xhtml

+<panel id="securityLevel-panel"
+       role="dialog"
+       aria-labelledby="securityLevel-header"
+       aria-describedby="securityLevel-subheading securityLevel-summary"
+       type="arrow"
+       orient="vertical"
+       level="top"
+       class="cui-widget-panel panel-no-padding">
+  <box class="panel-header">
+    <html:h1 id="securityLevel-header"></html:h1>
+  </box>
+  <toolbarseparator id="securityLevel-separator"></toolbarseparator>
+  <vbox id="securityLevel-background" class="panel-subview-body">
+    <html:p id="securityLevel-subheading">
+      <html:span id="securityLevel-level"></html:span>
+      <html:span id="securityLevel-custom"></html:span>
+    </html:p>
+    <html:p id="securityLevel-summary"></html:p>
+    <html:a id="securityLevel-learnMore" href="about:manual#security-settings">
+    </html:a>
+  </vbox>
+  <hbox class="panel-footer">
+    <button id="securityLevel-settings"/>
+    <button id="securityLevel-restoreDefaults"/>
+  </hbox>
+</panel>

browser/components/securitylevel/content/securityLevelPreferences.css

+#securityLevel-groupbox {
+  --section-highlight-background-color: color-mix(in srgb, var(--in-content-accent-color) 20%, transparent);
+}
+
+#securityLevel-customNotification {
+  /* Spacing similar to #fpiIncompatibilityWarning. */
+  margin-block: 16px;
+}
+
+.info-icon.securityLevel-custom-warning-icon {
+  list-style-image: url("chrome://global/skin/icons/warning.svg");
+}
+
+#securityLevel-customHeading {
+  font-weight: bold;
+}
+
+/* Overwrite indent rule from preferences.css */
+#securityLevel-radiogroup description.indent {
+  color: var(--in-content-page-color);
+}
+
+#securityLevel-radiogroup radio {
+  font-weight: bold;
+}
+
+#securityLevel-radiogroup[disabled] {
+  opacity: 0.5;
+}
+
+/* Overwrite the rule in common-shared.css so we don't get 0.25 opacity overall
+ * on the radio text. */
+#securityLevel-radiogroup[disabled] radio[disabled] {
+  opacity: 1.0;
+}
+
+.securityLevel-radio-option {
+  border: 1px solid var(--in-content-box-border-color);
+  border-radius: 4px;
+  margin: 3px 0;
+  padding: 9px;
+}
+
+.securityLevel-radio-option.securityLevel-radio-option-selected {
+  background-color: var(--section-highlight-background-color);
+  border: 1px solid var(--in-content-accent-color);
+
+}
+
+.securityLevel-radio-option:not(
+  .securityLevel-radio-option-selected
+) .securityLevel-descriptionList {
+  display: none;
+}
+
+.securityLevel-descriptionList description {
+  display: list-item;
+}

browser/components/securitylevel/content/securityLevelPreferences.inc.xhtml

+<groupbox id="securityLevel-groupbox"
+          data-category="panePrivacy"
+          data-subcategory="securitylevel"
+          hidden="true">
+  <label><html:h2></html:h2></label>
+  <vbox flex="1">
+    <description flex="1">
+      <html:span id="securityLevel-overview" class="tail-with-learn-more">
+      </html:span>
+      <label id="securityLevel-learnMore"
+             class="learnMore text-link"
+             is="text-link"
+             href="about:manual#security-settings"
+             useoriginprincipal="true"/>
+    </description>
+    <hbox id="securityLevel-customNotification"
+          class="info-box-container"
+          flex="1">
+      <hbox class="info-icon-container">
+        <image class="info-icon securityLevel-custom-warning-icon"/>
+      </hbox>
+      <vbox flex="1">
+        <label id="securityLevel-customHeading"/>
+        <description id="securityLevel-customDescription" flex="1"/>
+      </vbox>
+      <hbox align="center">
+        <button id="securityLevel-restoreDefaults"/>
+      </hbox>
+    </hbox>
+    <radiogroup id="securityLevel-radiogroup">
+      <vbox class="securityLevel-radio-option">
+        <radio value="standard"
+               aria-describedby="securityLevelSummary-standard"/>
+        <vbox id="securityLevelSummary-standard">
+          <description class="summary indent" flex="1"/>
+        </vbox>
+      </vbox>
+      <vbox class="securityLevel-radio-option">
+        <!-- NOTE: We point the accessible description to the wrapping vbox
+          - rather than its first description element. This means that when the
+          - securityLevel-descriptionList is shown or hidden, its text content
+          - is included or excluded from the accessible description,
+          - respectively. -->
+        <radio value="safer"
+               aria-describedby="securityLevelSummary-safer"/>
+        <vbox id="securityLevelSummary-safer">
+          <description class="summary indent" flex="1"/>
+          <vbox class="securityLevel-descriptionList indent"/>
+        </vbox>
+      </vbox>
+      <vbox class="securityLevel-radio-option">
+        <radio value="safest"
+               aria-describedby="securityLevelSummary-safest"/>
+        <vbox id="securityLevelSummary-safest">
+          <description class="summary indent" flex="1"/>
+          <vbox class="securityLevel-descriptionList indent"/>
+        </vbox>
+      </vbox>
+    </radiogroup>
+  </vbox>
+</groupbox>

browser/components/securitylevel/jar.mn

+browser.jar:
+    content/browser/securitylevel/securityLevel.js             (content/securityLevel.js)
+    content/browser/securitylevel/securityLevelPanel.css       (content/securityLevelPanel.css)
+    content/browser/securitylevel/securityLevelButton.css      (content/securityLevelButton.css)
+    content/browser/securitylevel/securityLevelPreferences.css (content/securityLevelPreferences.css)
+    content/browser/securitylevel/securityLevelIcon.svg        (content/securityLevelIcon.svg)

browser/components/securitylevel/moz.build

+JAR_MANIFESTS += ["jar.mn"]

browser/config/mozconfigs/base-browser

+# Shared build settings and settings to enhance security and privacy.
+
+. $topsrcdir/browser/config/mozconfig
+
+if test -f "$topsrcdir/mozconfig-toolchain"; then
+    . $topsrcdir/mozconfig-toolchain
+fi
+
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-@CONFIG_GUESS@
+
+ac_add_options --enable-official-branding
+export MOZILLA_OFFICIAL=1
+
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+
+ac_add_options --disable-unverified-updates
+ac_add_options --enable-nss-mar
+ac_add_options --enable-base-browser-update
+
+ac_add_options --enable-bundled-fonts
+
+# See bug #41587
+ac_add_options --disable-updater
+
+ac_add_options --disable-tests
+ac_add_options --disable-debug
+
+ac_add_options --disable-crashreporter
+# Before removing, please notice that WebRTC does not work on mingw (Bug 1393901)
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+# Let's make sure no preference is enabling either Adobe's or Google's CDM.
+ac_add_options --disable-eme
+ac_add_options --enable-proxy-bypass-protection
+# See bugs #30575 and #32418: system policies are harmful either because they
+# could allow proxy bypass, and override a number of other preferences we set
+ac_add_options --disable-system-policies
+
+# See bug #41131
+ac_add_options --disable-backgroundtasks
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
+
+# Disable the creation of a <something>.default that Firefox by default creates
+# for old version that could not use dedicated profiles. See tor-browser#41542.
+ac_add_options --disable-legacy-profile-creation
+
+if test -z "$WASI_SYSROOT"; then
+    ac_add_options --without-wasm-sandboxed-libraries
+fi
+
+ac_add_options --with-relative-data-dir=BaseBrowser/Data/Browser

browser/config/mozconfigs/base-browser-android

+export MOZILLA_OFFICIAL=1
+
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+ac_add_options --enable-official-branding
+
+ac_add_options --enable-application=mobile/android
+
+CC="clang"
+CXX="clang++"
+ac_add_options --with-java-bin-path=$JAVA_HOME/bin
+ac_add_options --with-android-sdk=$ANDROID_HOME
+ac_add_options --with-android-ndk=$ANDROID_NDK_HOME
+ac_add_options --with-android-min-sdk=21
+ac_add_options --with-gradle=$GRADLE_HOME/bin/gradle
+
+# https://bugzilla.mozilla.org/show_bug.cgi?id=1758568
+ac_add_options --enable-minify=properties
+
+ac_add_options --enable-strip
+ac_add_options --enable-install-strip
+ac_add_options --disable-tests
+ac_add_options --disable-debug
+ac_add_options --disable-rust-debug
+
+ac_add_options --disable-updater
+ac_add_options --disable-crashreporter
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+
+ac_add_options --enable-proxy-bypass-protection
+ac_add_options --disable-system-policies
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
+
+if test -n "$LOCAL_DEV_BUILD"; then
+    # You must use the "default" bogus channel for dev builds
+    ac_add_options --enable-update-channel=default
+    ac_add_options --with-base-browser-version=dev-build
+else
+    # We only use beta GeckoView for now, for official builds
+    ac_add_options --enable-update-channel=beta
+fi
+
+if test -z "$WASI_SYSROOT"; then
+    ac_add_options --without-wasm-sandboxed-libraries
+fi

browser/confvars.sh

@@ -5,26 +5,6 @@
 
 MOZ_APP_VENDOR=Mozilla
 
-if test "$OS_ARCH" = "WINNT"; then
-  if ! test "$HAVE_64BIT_BUILD"; then
-    if test "$MOZ_UPDATE_CHANNEL" = "nightly" -o \
-            "$MOZ_UPDATE_CHANNEL" = "nightly-try" -o \
-            "$MOZ_UPDATE_CHANNEL" = "aurora" -o \
-            "$MOZ_UPDATE_CHANNEL" = "beta" -o \
-            "$MOZ_UPDATE_CHANNEL" = "release"; then
-      if ! test "$MOZ_DEBUG"; then
-        if ! test "$USE_STUB_INSTALLER"; then
-          # Expect USE_STUB_INSTALLER from taskcluster for downstream task consistency
-          echo "ERROR: STUB installer expected to be enabled but"
-          echo "ERROR: USE_STUB_INSTALLER is not specified in the environment"
-          exit 1
-        fi
-        MOZ_STUB_INSTALLER=1
-      fi
-    fi
-  fi
-fi
-
 BROWSER_CHROME_URL=chrome://browser/content/browser.xhtml
 
 # MOZ_APP_DISPLAYNAME will be set by branding/configure.sh
@@ -37,7 +17,23 @@ MOZ_BRANDING_DIRECTORY=browser/branding/unofficial
 MOZ_OFFICIAL_BRANDING_DIRECTORY=browser/branding/official
 MOZ_APP_ID={ec8030f7-c20a-464f-9b0e-13a3a9e97384}
 
-MOZ_PROFILE_MIGRATOR=1
+# tor-browser#41577: Do not enable profile migration
+# MOZ_PROFILE_MIGRATOR=1
+
+# ACCEPTED_MAR_CHANNEL_IDS should usually be the same as the value MAR_CHANNEL_ID.
+# If more than one ID is needed, then you should use a comma separated list
+# of values.
+# The MAR_CHANNEL_ID must not contain the following 3 characters: ",\t "
+if test "$MOZ_UPDATE_CHANNEL" = "alpha"; then
+  ACCEPTED_MAR_CHANNEL_IDS=basebrowser-torproject-alpha
+  MAR_CHANNEL_ID=basebrowser-torproject-alpha
+elif test "$MOZ_UPDATE_CHANNEL" = "nightly"; then
+  ACCEPTED_MAR_CHANNEL_IDS=basebrowser-torproject-nightly
+  MAR_CHANNEL_ID=basebrowser-torproject-nightly
+else
+  ACCEPTED_MAR_CHANNEL_IDS=basebrowser-torproject-release
+  MAR_CHANNEL_ID=basebrowser-torproject-release
+fi
 
 # Include the DevTools client, not just the server (which is the default)
 MOZ_DEVTOOLS=all

browser/extensions/moz.build

@@ -5,10 +5,4 @@
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 DIRS += [
-    "formautofill",
-    "screenshots",
-    "webcompat",
-    "report-site-issue",
-    "pictureinpicture",
-    "search-detection",
 ]

browser/installer/Makefile.in

@@ -85,6 +85,10 @@ endif
 endif
 endif
 
+ifdef BASE_BROWSER_UPDATE
+DEFINES += -DBASE_BROWSER_UPDATE
+endif
+
 ifneq (,$(filter WINNT Darwin Android,$(OS_TARGET)))
 DEFINES += -DMOZ_SHARED_MOZGLUE=1
 endif

browser/installer/package-manifest.in

@@ -36,8 +36,10 @@
 ; Mac bundle stuff
 @APPNAME@/Contents/Info.plist
 #ifdef MOZ_UPDATER
+#ifndef BASE_BROWSER_UPDATE
 @APPNAME@/Contents/Library/LaunchServices
 #endif
+#endif
 @APPNAME@/Contents/PkgInfo
 @RESPATH@/firefox.icns
 @RESPATH@/document.icns
@@ -235,7 +237,9 @@
 @RESPATH@/browser/chrome/icons/default/default64.png
 @RESPATH@/browser/chrome/icons/default/default128.png
 #endif
-@RESPATH@/browser/features/*
+
+; Base Browser
+@RESPATH@/components/SecurityLevel.manifest
 
 ; [DevTools Startup Files]
 @RESPATH@/browser/chrome/devtools-startup@JAREXT@
@@ -268,6 +272,7 @@
 @RESPATH@/browser/defaults/settings/blocklists
 @RESPATH@/browser/defaults/settings/main
 @RESPATH@/browser/defaults/settings/security-state
+@RESPATH@/browser/@PREF_DIR@/001-base-profile.js
 
 ; Warning: changing the path to channel-prefs.js can cause bugs (Bug 756325)
 ; Technically this is an app pref file, but we are keeping it in the original
@@ -419,10 +424,6 @@ bin/libfreebl_64int_3.so
 @BINPATH@/minidump-analyzer@BIN_SUFFIX@
 #endif
 
-; [ Ping Sender ]
-;
-@BINPATH@/pingsender@BIN_SUFFIX@
-
 ; [ Notification COM Server ]
 ;
 #if defined(MOZ_NOTIFICATION_SERVER)
@@ -441,8 +442,8 @@ bin/libfreebl_64int_3.so
 #endif
 
 ; media
-@RESPATH@/gmp-clearkey/0.1/@DLL_PREFIX@clearkey@DLL_SUFFIX@
-@RESPATH@/gmp-clearkey/0.1/manifest.json
+;@RESPATH@/gmp-clearkey/0.1/@DLL_PREFIX@clearkey@DLL_SUFFIX@
+;@RESPATH@/gmp-clearkey/0.1/manifest.json
 
 #ifdef MOZ_DMD
 ; DMD

browser/installer/windows/nsis/shared.nsh

@@ -1493,7 +1493,6 @@ ${RemoveDefaultBrowserAgentShortcut}
   Push "crashreporter.exe"
   Push "default-browser-agent.exe"
   Push "minidump-analyzer.exe"
-  Push "pingsender.exe"
   Push "updater.exe"
   Push "mozwer.dll"
   Push "${FileMainEXE}"

browser/locales/Makefile.in

@@ -53,10 +53,6 @@ l10n-%:
 	@$(MAKE) -C ../../toolkit/locales l10n-$* XPI_ROOT_APPID='$(XPI_ROOT_APPID)'
 	@$(MAKE) -C ../../services/sync/locales AB_CD=$* XPI_NAME=locale-$*
 	@$(MAKE) -C ../../extensions/spellcheck/locales AB_CD=$* XPI_NAME=locale-$*
-ifneq (,$(wildcard ../extensions/formautofill/locales))
-	@$(MAKE) -C ../extensions/formautofill/locales AB_CD=$* XPI_NAME=locale-$*
-endif
-	@$(MAKE) -C ../extensions/report-site-issue/locales AB_CD=$* XPI_NAME=locale-$*
 	@$(MAKE) -C ../../devtools/client/locales AB_CD=$* XPI_NAME=locale-$* XPI_ROOT_APPID='$(XPI_ROOT_APPID)'
 	@$(MAKE) -C ../../devtools/startup/locales AB_CD=$* XPI_NAME=locale-$* XPI_ROOT_APPID='$(XPI_ROOT_APPID)'
 	@$(MAKE) l10n AB_CD=$* XPI_NAME=locale-$* PREF_DIR=$(PREF_DIR)
@@ -71,14 +67,10 @@ chrome-%:
 	@$(MAKE) -C ../../toolkit/locales chrome-$*
 	@$(MAKE) -C ../../services/sync/locales chrome AB_CD=$*
 	@$(MAKE) -C ../../extensions/spellcheck/locales chrome AB_CD=$*
-ifneq (,$(wildcard ../extensions/formautofill/locales))
-	@$(MAKE) -C ../extensions/formautofill/locales chrome AB_CD=$*
-endif
 	@$(MAKE) -C ../../devtools/client/locales chrome AB_CD=$*
 	@$(MAKE) -C ../../devtools/startup/locales chrome AB_CD=$*
 	@$(MAKE) chrome AB_CD=$*
 	@$(MAKE) -C $(DEPTH)/$(MOZ_BRANDING_DIRECTORY)/locales chrome AB_CD=$*
-	@$(MAKE) -C ../extensions/report-site-issue/locales chrome AB_CD=$*
 
 package-win32-installer: $(SUBMAKEFILES)
 	$(MAKE) -C ../installer/windows CONFIG_DIR=l10ngen ZIP_IN='$(ZIP_OUT)' installer

browser/locales/en-US/browser/languageNotification.ftl

+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# These strings are used by the Base Browser part of the changeset, not only for
+# the language notification.
+# TODO: Rename this file to make this clearer
+
+
+## Language notification
+
+# $language is the language Tor Browser is displayed in (already translated)
+language-notification-label-system = { -brand-short-name } has set your display language to { $language } based on your system’s language.
+# This is shown when the system language is not supported, so we fall back to another language instead.
+# $language is the language Tor Browser is displayed in (already translated).
+language-notification-label = { -brand-short-name } has set your display language to { $language }.
+language-notification-button = Change Language…
+
+
+## Fullscreen/maximization notification shown when letterboxing is disabled
+
+basebrowser-rfp-maximize-warning-message = Maximizing the browser window can allow websites to determine your monitor size, which can be used to track you. We recommend that you leave browser windows in their original default size.
+basebrowser-rfp-restore-window-size-button-label = Restore
+basebrowser-rfp-restore-window-size-button-ak = R
+
+
+## Tooltip for the about:addons recommended badge
+
+basebrowser-addon-badge-recommended = Mozilla only recommends extensions that meet their standards for security and performance
+basebrowser-addon-badge-verified = Mozilla has reviewed this extension to meet their standards for security and performance

browser/locales/en-US/chrome/browser/newIdentity.properties

+new_identity = New Identity
+# This is the string for the hamburger menu
+new_identity_sentence_case = New identity
+# %S is the application name. Keep it as a placeholder
+new_identity_prompt_title = Reset your identity?
+new_identity_prompt = %S will close all windows and tabs. All website sessions will be lost. \nRestart %S now to reset your identity?
+new_identity_restart = Restart %S
+new_identity_ask_again = Never ask me again
+# Shown in the File menu (use Alt to show File, if you do not see)
+new_identity_menu_accesskey = I

browser/locales/en-US/chrome/browser/securityLevel.properties

+# Generic terms
+security_level = Security Level
+security_level_standard = Standard
+security_level_safer = Safer
+security_level_safest = Safest
+security_level_tooltip_standard = Security Level: Standard
+security_level_tooltip_safer = Security Level: Safer
+security_level_tooltip_safest = Security Level: Safest
+# Shown only for custom level
+security_level_custom = Custom
+security_level_restore = Restore Defaults
+security_level_learn_more = Learn more
+
+# Panel button that takes the user to the security level settings in
+# about:preferences#privacy
+security_level_open_settings = Settings…
+security_level_change = Change…
+security_level_standard_summary = All browser and website features are enabled.
+security_level_safer_summary = Disables website features that are often dangerous, causing some sites to lose functionality.
+security_level_safest_summary = Only allows website features required for static sites and basic services. These changes affect images, media, and scripts.
+security_level_custom_heading = Custom security level configured
+security_level_custom_summary = Your custom browser preferences have resulted in unusual security settings. For security and privacy reasons, we recommend you choose one of the default security levels.
+
+## Security level section in about:preferences#privacy
+security_level_overview = Disable certain web features that can be used to attack your security and anonymity.
+security_level_list_safer = At the safer setting:
+security_level_list_safest = At the safest setting:
+# Strings for descriptions
+security_level_js_https_only = JavaScript is disabled on non-HTTPS sites.
+security_level_js_disabled = JavaScript is disabled by default on all sites.
+security_level_limit_typography = Some fonts and math symbols are disabled.
+security_level_limit_typography_svg = Some fonts, icons, math symbols, and images are disabled.
+security_level_limit_media = Audio and video (HTML5 media), and WebGL are click-to-play.

browser/locales/en-US/chrome/overrides/appstrings.properties

-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0. If a copy of the MPL was not distributed with this
-# file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
-malformedURI2=Please check that the URL is correct and try again.
-fileNotFound=Firefox can’t find the file at %S.
-fileAccessDenied=The file at %S is not readable.
-dnsNotFound2=We can’t connect to the server at %S.
-unknownProtocolFound=Firefox doesn’t know how to open this address, because one of the following protocols (%S) isn’t associated with any program or is not allowed in this context.
-connectionFailure=Firefox can’t establish a connection to the server at %S.
-netInterrupt=The connection to %S was interrupted while the page was loading.
-netTimeout=The server at %S is taking too long to respond.
-redirectLoop=Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
-## LOCALIZATION NOTE (confirmRepostPrompt): In this item, don’t translate "%S"
-confirmRepostPrompt=To display this page, %S must send information that will repeat any action (such as a search or order confirmation) that was performed earlier.
-resendButton.label=Resend
-unknownSocketType=Firefox doesn’t know how to communicate with the server.
-netReset=The connection to the server was reset while the page was loading.
-notCached=This document is no longer available.
-netOffline=Firefox is currently in offline mode and can’t browse the Web.
-isprinting=The document cannot change while Printing or in Print Preview.
-deniedPortAccess=This address uses a network port which is normally used for purposes other than Web browsing. Firefox has canceled the request for your protection.
-proxyResolveFailure=Firefox is configured to use a proxy server that can’t be found.
-proxyConnectFailure=Firefox is configured to use a proxy server that is refusing connections.
-contentEncodingError=The page you are trying to view cannot be shown because it uses an invalid or unsupported form of compression.
-unsafeContentType=The page you are trying to view cannot be shown because it is contained in a file type that may not be safe to open. Please contact the website owners to inform them of this problem.
-externalProtocolTitle=External Protocol Request
-externalProtocolPrompt=An external application must be launched to handle %1$S: links.\n\n\nRequested link:\n\n%2$S\n\nApplication: %3$S\n\n\nIf you were not expecting this request it may be an attempt to exploit a weakness in that other program. Cancel this request unless you are sure it is not malicious.\n
-#LOCALIZATION NOTE (externalProtocolUnknown): The following string is shown if the application name can't be determined
-externalProtocolUnknown=<Unknown>
-externalProtocolChkMsg=Remember my choice for all links of this type.
-externalProtocolLaunchBtn=Launch application
-malwareBlocked=The site at %S has been reported as an attack site and has been blocked based on your security preferences.
-harmfulBlocked=The site at %S has been reported as a potentially harmful site and has been blocked based on your security preferences.
-unwantedBlocked=The site at %S has been reported as serving unwanted software and has been blocked based on your security preferences.
-deceptiveBlocked=This web page at %S has been reported as a deceptive site and has been blocked based on your security preferences.
-cspBlocked=This page has a content security policy that prevents it from being loaded in this way.
-xfoBlocked=This page has an X-Frame-Options policy that prevents it from being loaded in this context.
-corruptedContentErrorv2=The site at %S has experienced a network protocol violation that cannot be repaired.
-## LOCALIZATION NOTE (sslv3Used) - Do not translate "%S".
-sslv3Used=Firefox cannot guarantee the safety of your data on %S because it uses SSLv3, a broken security protocol.
-inadequateSecurityError=The website tried to negotiate an inadequate level of security.
-blockedByPolicy=Your organization has blocked access to this page or website.
-networkProtocolError=Firefox has experienced a network protocol violation that cannot be repaired.

browser/locales/jar.mn

@@ -33,13 +33,6 @@
     locale/browser/safebrowsing/safebrowsing.properties   (%chrome/browser/safebrowsing/safebrowsing.properties)
     locale/browser/feeds/subscribe.properties       (%chrome/browser/feeds/subscribe.properties)
     locale/browser/syncSetup.properties         (%chrome/browser/syncSetup.properties)
+    locale/browser/securityLevel.properties        (%chrome/browser/securityLevel.properties)
+    locale/browser/newIdentity.properties          (%chrome/browser/newIdentity.properties)
 % locale browser-region @AB_CD@ %locale/browser-region/
-# the following files are browser-specific overrides
-    locale/browser/appstrings.properties       (%chrome/overrides/appstrings.properties)
-
-#ifdef XPI_NAME
-# Bug 1240628, restructure how l10n repacks work with feature addons
-# This is hacky, but ensures the chrome.manifest chain is complete
-[.] chrome.jar:
-% manifest features/chrome.manifest
-#endif

browser/modules/HomePage.jsm

@@ -25,7 +25,7 @@ XPCOMUtils.defineLazyModuleGetters(lazy, {
 });
 
 const kPrefName = "browser.startup.homepage";
-const kDefaultHomePage = "about:home";
+const kDefaultHomePage = "about:blank";
 const kExtensionControllerPref =
   "browser.startup.homepage_override.extensionControlled";
 const kHomePageIgnoreListId = "homepage-urls";