Tor Browser issueshttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues2023-10-09T16:59:47Zhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/25438Use Locked Prefs2023-10-09T16:59:47ZTom Rittertom@ritter.vgUse Locked Prefshttps://bugzilla.mozilla.org/show_bug.cgi?id=440908 adds support for locked prefs, which are set during build and cannot be changed.
If that doesn't wind up in 60, I think it should be backported, and taken advantage of.
We can lock at...https://bugzilla.mozilla.org/show_bug.cgi?id=440908 adds support for locked prefs, which are set during build and cannot be changed.
If that doesn't wind up in 60, I think it should be backported, and taken advantage of.
We can lock at least the proxy settings. We could consider locking FPI and Fingerprinting settings, but I'm not sure those would be appropriate to lock.Sponsor 131 - Phase 3 - Major ESR 102 Migrationhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41335Establish a common onboarding template for both browsers2024-02-15T14:50:07ZdonutsEstablish a common onboarding template for both browsersTor Browser's current onboarding template is a port of an older version from Firefox. We should explore alternatives here before deciding on a template, e.g. the practicality of modifying Firefox's current built-in format.Tor Browser's current onboarding template is a port of an older version from Firefox. We should explore alternatives here before deciding on a template, e.g. the practicality of modifying Firefox's current built-in format.Sponsor 131 - Phase 2 - Privacy Browserhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42321Draw new icons for built-in bridges: obfs4, snowflake, and meek-azure2024-01-30T19:23:26ZnicobDraw new icons for built-in bridges: obfs4, snowflake, and meek-azureWe need custom icons for built-in bridges to :sparkles: jazz up :sparkles: the bridge cards.
@donuts off the bat do you have any suggestions for obfs4 and meek-azure conceptually?We need custom icons for built-in bridges to :sparkles: jazz up :sparkles: the bridge cards.
@donuts off the bat do you have any suggestions for obfs4 and meek-azure conceptually?Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibetnicobnicobhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41541Update builtin bridges from Circumvention Settings API2024-03-27T15:25:34Zmeskiomeskio@torproject.orgUpdate builtin bridges from Circumvention Settings APIRight now to update the builtin bridges we need to make a Tor Browser release, it would be nice if TB automatically updates them using [Circumvention Settings API](https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/blob/main/doc/m...Right now to update the builtin bridges we need to make a Tor Browser release, it would be nice if TB automatically updates them using [Circumvention Settings API](https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/blob/main/doc/moat.md#circumventionbuiltin).
There are two concerns I have about it:
* Users will not be happy with TB making a call to an external API without giving some consent about it.
* We don't want to make easier for censors to notice you are using Tor because of that.
I think it makes sense to update when we do other connections to moat (Connect Assist, captcha bridges, ...), I assume user has already consent to do a request to the API on those cases and having an extra connection over the domain fronting should not make it more noticeable than it already is. We could store when was the last time we had updated them, and don't update them is they are fresh (maybe 24h is a good freshness).
An extra that would be nice is to ask the user if they want to refresh the builtin bridges when they click on Settings to *Select a Built-In Bridge*. I think we should only ask if bridges hasn't being refreshed for a while (maybe 7days). The confirmation popup could have a check box with 'remember that option' or something like that, so the following times they enable builtin bridges we refresh or not without asking (if the bridges hasn't being refreshed in 7days).Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibetma1ma1https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/15910Figure out what to do with OpenH264 (downloads) in Tor Browser2023-12-13T18:26:54ZGeorg KoppenFigure out what to do with OpenH264 (downloads) in Tor BrowserWe should think about what we want to do with the OpenH264 video codec plugin which Firefox downloads since version 33 shortly after it gets started for the first time (see: http://andreasgal.com/2014/10/14/openh264-now-in-firefox/ and h...We should think about what we want to do with the OpenH264 video codec plugin which Firefox downloads since version 33 shortly after it gets started for the first time (see: http://andreasgal.com/2014/10/14/openh264-now-in-firefox/ and https://wiki.mozilla.org/QA/WebRTC/OpenH264).
The good news is, the code is free: https://github.com/cisco/openh264. The bad news is it needs to get downloaded from Cisco as a binary blob due to patent issues. And there is currently no known way to build this binary blob deterministically: https://bugzilla.mozilla.org/show_bug.cgi?id=1115874.
I think we should make sure that the plugin does not get downloaded as:
1) It is currently only used for WebRTC which we have disabled (https://bugzilla.mozilla.org/show_bug.cgi?id=1150544#c8) (we should make sure that this argument still holds for ESR 38 when we ship it if that matters)
2) The binary blob is not built reproducibly which poses security risks. Although there seems to be kind of a mechanism for Mozilla to verify things:
```
Mozilla and Cisco have established a process by which the binary is verified as having been built from the publicly available source, thereby enhancing the transparency and trustworthiness of the system.
```
3) The download uses essentially Mozilla's "cert pinning". We might want to have something stronger in place.
...
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769716 for a way to disable the plugin download.Sponsor 131 - Phase 5 - Ongoing Maintenancerichardrichard2024-01-31https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42436Allow for multiple configured (front, reflector) domain fronting pairs in Moa...2024-03-06T18:39:12ZCecylia BocovichAllow for multiple configured (front, reflector) domain fronting pairs in Moat moduleIt's happened twice now that the domain fronting settings for Moat have stopped working:
- [when `cdn.sstatic.net` moved to CloudFlare](https://lists.torproject.org/pipermail/anti-censorship-team/2023-September/000314.html)
- [when Fastl...It's happened twice now that the domain fronting settings for Moat have stopped working:
- [when `cdn.sstatic.net` moved to CloudFlare](https://lists.torproject.org/pipermail/anti-censorship-team/2023-September/000314.html)
- [when Fastly stopped supporting domain fronting and `foursquare.com` renewed its cert](https://github.com/net4people/bbs/issues/309)
When Moat stops working, it leaves us scrambling to find new front domains, the update process requires a new release, and it can be difficult for users to receive updates or connect if Connection Assist is unreachable. It's also difficult to choose a single front domain that will work in almost every place. Even though Connect Assist allows us offer country-specific circumvention settings, we have only a single setting for using Connect Assist itself.
Ideally, we could provide multiple (front, reflector) pairs, and iterate through them until a working pair is found. That pair can be saved for future use until it stops working and the module will re-iterate through the list until a new pair is found.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42429Android Connection Assist Non-Portriat-Phone Sizes Design2024-02-29T00:51:27ZclairehurstAndroid Connection Assist Non-Portriat-Phone Sizes DesignFor tor-browser#41188 we have portrait designs, but don't have landscape (and other non-protrait-phone) designs. How do we want the landscape (and other non-portriat-phone sizes) to look for connection assist? I was messing with trying t...For tor-browser#41188 we have portrait designs, but don't have landscape (and other non-protrait-phone) designs. How do we want the landscape (and other non-portriat-phone sizes) to look for connection assist? I was messing with trying to make it look better and have some references. I made the buttons have a max width, brought the toggle closer to the text, and reduced the spacing for the text so that it fits better horizontally (otherwise views start overlapping on certain screens with enough going on)
Mock Native Landscape
![Mock_Native_Landscape](/uploads/b2f313b9b51ae7a0499b3bfde3d917a7/Mock_Native_Landscape.png)
Current HTML Landscape
![HTML_Landscape](/uploads/6fa173af6b86fa10d8c1db5e072c27da/HTML_Landscape.png)
Mock Tablet
![Mock_Tablet](/uploads/bfc51dbdad8bfc6b6d60ea768e3dfb86/Mock_Tablet.png)
Mock Foldable
![Mock_Foldable](/uploads/38eb8f5c11b61ee47fd8e2c1db3d81be/Mock_Foldable.png)
Current Native Portrait
![Native_Portrait](/uploads/384005393822624e481d9a2e60a3935f/Native_Portrait.png){width=25%}donutsdonutshttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42418TorBrowser leave trace on the Windows Event Log by default and there is no wa...2024-03-05T13:50:25ZcypherpunksTorBrowser leave trace on the Windows Event Log by default and there is no way to stop this!To be clear, Mozilla Firefox does same thing.
Steps.
1. Launch Tor Browser latest
2. Open "eventvwr.ms" (The event viewer of Windows)
3. Open "Windows Logs/Application"
You'll see tons of:
```
The description for Event ID 5 from sourc...To be clear, Mozilla Firefox does same thing.
Steps.
1. Launch Tor Browser latest
2. Open "eventvwr.ms" (The event viewer of Windows)
3. Open "Windows Logs/Application"
You'll see tons of:
```
The description for Event ID 5 from source Tor Browser Launcher cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
```https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42406Betterboxing's gradient is visible in new pages2024-02-20T14:38:00ZPier Angelo VendrameBetterboxing's gradient is visible in new pagesI think it's a little bit strange to see the gradient for some time while loading new pages, or under certain other conditions.
![screencapture](/uploads/b30950cd64f8a3c46d97377a7aa04604/screencapture.mp4)
What do you think @jag?I think it's a little bit strange to see the gradient for some time while loading new pages, or under certain other conditions.
![screencapture](/uploads/b30950cd64f8a3c46d97377a7aa04604/screencapture.mp4)
What do you think @jag?https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42385Design dialog to share Lox invites2024-02-27T19:07:34ZJag TalonDesign dialog to share Lox invitescc @donuts @henry
**Design estimate:**
* Complexity: small (1 day)
* Copy existing modals from Firefox's design system.
* Uncertainty level: low (1.1)
* I believe there's no uncertainty here. All we need is something that's good ...cc @donuts @henry
**Design estimate:**
* Complexity: small (1 day)
* Copy existing modals from Firefox's design system.
* Uncertainty level: low (1.1)
* I believe there's no uncertainty here. All we need is something that's good enough for now.
* Total: 1-1.1 dayshttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42362"New window" missing from File menu on macOS2024-01-10T07:30:30Zdonuts"New window" missing from File menu on macOSAt some point we seem to have lost the option to open a new window via the File menu on macOS.
[macos-file-menu](/uploads/aa06119db881fb40797f7500c3057e1c/macos-file-menu.png)At some point we seem to have lost the option to open a new window via the File menu on macOS.
[macos-file-menu](/uploads/aa06119db881fb40797f7500c3057e1c/macos-file-menu.png)https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42350newwin: consider exempting some `moz-extension://` scheme windows2024-03-12T09:04:47ZThorinnewwin: consider exempting some `moz-extension://` scheme windowsI'm not sure of the ramifications here, because once a window is created it can be used - but not if the urlbar etc is missing, so we can probably detect that
https://github.com/mullvad/mullvad-browser/issues/202
tl;dr: bitwarden chang...I'm not sure of the ramifications here, because once a window is created it can be used - but not if the urlbar etc is missing, so we can probably detect that
https://github.com/mullvad/mullvad-browser/issues/202
tl;dr: bitwarden changed from using a new window (in reality in a new tab) to a using a small resized window anchored to the top right - for UX reasons - the problem is, RFP's new win will open it at 1400 x 900 max.
here's how it should look (I'm just using a blank page, it makes more sense on a login)
![bitwarden](/uploads/b71c4f91ac347512424899f1dbf2a882/bitwarden.png)
here's what actually happens
- if you have the width, it actually positions top/left correctly, but the dimensions is the issue. I have just moved the second window for this image
![bitwarden-RFP](/uploads/aca05e5e8988dcc829d9c01dc76581b4/bitwarden-RFP.png)
Note: the scheme is `moz-extension://` and the window has no tabstrip, urlbar, toolbar - so this means it's useless to repurpose for loading websites, so we should be good to exempt these cases from newwin dimensions
@ma1 cc @pierovma1ma1https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42347Add a banner warning users about the upcoming EOL for Win ≤8.1 and macOS ≤10.142024-02-01T14:39:44ZPier Angelo VendrameAdd a banner warning users about the upcoming EOL for Win ≤8.1 and macOS ≤10.1413.5 will be the last Windows version, Mozilla bumped the requirement to Windows 10.
We could add a warning to Windows 7 users somewhere, e.g., in about:tor.
We can check the version of the OS with `Services.sysinfo.getProperty("versio...13.5 will be the last Windows version, Mozilla bumped the requirement to Windows 10.
We could add a warning to Windows 7 users somewhere, e.g., in about:tor.
We can check the version of the OS with `Services.sysinfo.getProperty("version")`. It's `10.0` in my Windows 10 VM, and `6.1` in my Windows 7 VM.
Maybe the first versions of Windows 10 also use 6.1, but if that's the case, they're unsupported too.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42344Dragging and dropping files on Tor Browser triggers an assertion2024-01-08T11:13:11ZPier Angelo VendrameDragging and dropping files on Tor Browser triggers an assertionDropping a file on Tor Browser to open it triggers an assertion when they are enabled, on the validity of the event timestamp.
I haven't checked if Firefox also has this problem yet, because I don't have a debug build of Firefox.
Verif...Dropping a file on Tor Browser to open it triggers an assertion when they are enabled, on the validity of the event timestamp.
I haven't checked if Firefox also has this problem yet, because I don't have a debug build of Firefox.
Verified on Linux, for now, but might happen also on other platforms.
```c++
TimeDuration operator-(const TimeStamp& aOther) const {
MOZ_ASSERT(!IsNull(), "Cannot compute with a null value");
MOZ_ASSERT(!aOther.IsNull(), "Cannot compute with aOther null value"); // <-- this is the assertion
```
<details><summary>Stack trace</summary>
```
mozilla::TimeStamp::operator-(mozilla::TimeStamp const&) const (/home/piero/Tor/tor-browser/obj-x86_64-pc-linux-gnu/dist/include/mozilla/TimeStamp.h:478)
mozilla::TimeStamp mozilla::SystemTimeConverter<unsigned int, mozilla::TimeStamp>::GetTimeStampFromSystemTime<mozilla::CurrentX11TimeGetter>(unsigned int, mozilla::CurrentX11TimeGetter&) (/home/piero/Tor/tor-browser/widget/SystemTimeConverter.h:110)
nsWindow::GetEventTimeStamp(unsigned int) (/home/piero/Tor/tor-browser/widget/gtk/nsWindow.cpp:4925)
nsWindow::GetWidgetEventTime(unsigned int) (/home/piero/Tor/tor-browser/widget/gtk/nsWindow.cpp:4893)
nsWindow::OnEnterNotifyEvent(_GdkEventCrossing*) (/home/piero/Tor/tor-browser/widget/gtk/nsWindow.cpp:4237)
enter_notify_event_cb(_GtkWidget*, _GdkEventCrossing*) (/home/piero/Tor/tor-browser/widget/gtk/nsWindow.cpp:8023)
___lldb_unnamed_symbol9265 (@___lldb_unnamed_symbol9265:49)
___lldb_unnamed_symbol908 (@___lldb_unnamed_symbol908:104)
___lldb_unnamed_symbol1115 (@___lldb_unnamed_symbol1115:160)
g_signal_emit_valist (@g_signal_emit_valist:21)
g_signal_emit (@g_signal_emit:29)
___lldb_unnamed_symbol17566 (@___lldb_unnamed_symbol17566:109)
gtk_main_do_event (@gtk_main_do_event:474)
___lldb_unnamed_symbol2629 (@___lldb_unnamed_symbol2629:15)
___lldb_unnamed_symbol4021 (@___lldb_unnamed_symbol4021:14)
___lldb_unnamed_symbol2528 (@___lldb_unnamed_symbol2528:128)
___lldb_unnamed_symbol2539 (@___lldb_unnamed_symbol2539:151)
g_main_context_iteration (@g_main_context_iteration:18)
nsAppShell::ProcessNextNativeEvent(bool) (/home/piero/Tor/tor-browser/widget/gtk/nsAppShell.cpp:422)
nsBaseAppShell::DoProcessNextNativeEvent(bool) (/home/piero/Tor/tor-browser/widget/nsBaseAppShell.cpp:131)
nsBaseAppShell::OnProcessNextEvent(nsIThreadInternal*, bool) (/home/piero/Tor/tor-browser/widget/nsBaseAppShell.cpp:250)
non-virtual thunk to nsBaseAppShell::OnProcessNextEvent(nsIThreadInternal*, bool) (/home/piero/Tor/tor-browser/widget/nsBaseAppShell.cpp:0)
nsThread::ProcessNextEvent(bool, bool*) (/home/piero/Tor/tor-browser/xpcom/threads/nsThread.cpp:1154)
NS_ProcessNextEvent(nsIThread*, bool) (/home/piero/Tor/tor-browser/xpcom/threads/nsThreadUtils.cpp:479)
mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) (/home/piero/Tor/tor-browser/ipc/glue/MessagePump.cpp:85)
MessageLoop::RunHandler() (/home/piero/Tor/tor-browser/ipc/chromium/src/base/message_loop.cc:361)
MessageLoop::Run() (/home/piero/Tor/tor-browser/ipc/chromium/src/base/message_loop.cc:343)
nsBaseAppShell::Run() (/home/piero/Tor/tor-browser/widget/nsBaseAppShell.cpp:148)
nsAppStartup::Run() (/home/piero/Tor/tor-browser/toolkit/components/startup/nsAppStartup.cpp:295)
XREMain::XRE_mainRun() (/home/piero/Tor/tor-browser/toolkit/xre/nsAppRunner.cpp:5826)
XREMain::XRE_main(int, char**, mozilla::BootstrapConfig const&) (/home/piero/Tor/tor-browser/toolkit/xre/nsAppRunner.cpp:6026)
XRE_main(int, char**, mozilla::BootstrapConfig const&) (/home/piero/Tor/tor-browser/toolkit/xre/nsAppRunner.cpp:6082)
do_main(int, char**, char**) (/home/piero/Tor/tor-browser/browser/app/nsBrowserApp.cpp:227)
main (/home/piero/Tor/tor-browser/browser/app/nsBrowserApp.cpp:445)
__libc_start_call_main (@__libc_start_call_main:26)
__libc_start_main_impl (@__libc_start_main@@GLIBC_2.34:43)
_start (@_start:14)
```
</details>
Other kind of drag and drops (e.g., tabs/links from Firefox) work, but I haven't done an extended test.ma1ma1https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42317Update "Security Settings" menu item2023-12-05T01:52:34ZdonutsUpdate "Security Settings" menu itemOn Android, the menu item that links to the Security level page is labeled "Security Settings". Could we update both the menu item and title of the page to "Security level", in sentence case please?
Also, could the menu item reflect the...On Android, the menu item that links to the Security level page is labeled "Security Settings". Could we update both the menu item and title of the page to "Security level", in sentence case please?
Also, could the menu item reflect the current selection too—e.g.
```
**Security level**
Standard
```
In the same way that other options like Search, Tabs, HTTPS-Only Mode and Notifications do?clairehurstclairehursthttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42316TorConnect might restore old settings that were changed from the preferences2024-03-28T15:46:20ZPier Angelo VendrameTorConnect might restore old settings that were changed from the preferencesIn TorConnect we get a copy of the original settings (`this.originalSettings = TorSettings.getSettings();`) only once before trying all the settings we've received from Moat (and we bootstrap for each settings set, so the browser might t...In TorConnect we get a copy of the original settings (`this.originalSettings = TorSettings.getSettings();`) only once before trying all the settings we've received from Moat (and we bootstrap for each settings set, so the browser might take a long time to do stuff).
If the user changes settings, and we failed to bootstrap, we restore the settings we had before, which might be surprising.
So, we should check if the settings we're about to overwrite when we restore the old settings.
As a sequence of events:
1. TorConnect backup configuration A before contacting Moat
2. TorConnect sets the config B it received from Moat
3. While the bootstrap is happening, the user changes settings, producing config C
4. The boostrap fails: TorConnect restores config A!
Also, since we might receive many configuration sets, we might also apply config D, E, F and so on and possibly replace settings from configuration C.
On Android this cannot happen because going to settings stops the bootstrap, and we intend to keep this behavior at least for starters, when implementing the connection assist there.
However, on desktop is more difficult, because we have tabs.
Therefore, we might do something else, e.g., disable all the settings while we're bootstrapping, and display a message bar telling something like "The bootstrap is going on. Cancel it to unlock the settings".
## Design estimate:
* Complexity: medium (3 days)
* Figure out the appropriate solution. Should we prevent people from accessing the Settings on desktop just like on Android? Or do we create a warning for people that their settings might be overwritten?
* Create designs that solve the issue.
* Uncertainty level: moderate (1.5)
* I imagine trying to figure out which solution we should apply and how we apply it can take time.
* Total: 3-4.5 dayshttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42311Firfox doesn't like the embedded PNG in tor-browser-logo.svg2024-01-09T14:38:33ZPier Angelo VendrameFirfox doesn't like the embedded PNG in tor-browser-logo.svgI was checking if the suggestion for the patch to resolve debug problems worked, and I stumbled upon about:tor dying for the assertion in `image/imgLoader.cpp:2474`:
```
MOZ_ASSERT(NS_UsePrivateBrowsing(newChannel) == mRespectPrivacy);
...I was checking if the suggestion for the patch to resolve debug problems worked, and I stumbled upon about:tor dying for the assertion in `image/imgLoader.cpp:2474`:
```
MOZ_ASSERT(NS_UsePrivateBrowsing(newChannel) == mRespectPrivacy);
```
<details><summary>Call stack</summary>
```
__GI___clock_nanosleep (@clock_nanosleep@GLIBC_2.2.5:29)
__GI___nanosleep (@__nanosleep:9)
__sleep (@sleep:17)
common_crap_handler(int, void const*) (/home/piero/Tor/tor-browser/toolkit/xre/nsSigHandlers.cpp:96)
child_ah_crap_handler(int) (/home/piero/Tor/tor-browser/toolkit/xre/nsSigHandlers.cpp:110)
WasmTrapHandler(int, siginfo_t*, void*) (/home/piero/Tor/tor-browser/js/src/wasm/WasmSignalHandlers.cpp:799)
__restore_rt (@__restore_rt:3)
imgLoader::LoadImage(nsIURI*, nsIURI*, nsIReferrerInfo*, nsIPrincipal*, unsigned long, nsILoadGroup*, imgINotificationObserver*, nsINode*, mozilla::dom::Document*, unsigned int, nsISupports*, nsIContentPolicy::nsContentPolicyType, nsTSubstring<char16_t> const&, bool, bool, unsigned long, imgRequestProxy**) (/home/piero/Tor/tor-browser/image/imgLoader.cpp:2474)
nsContentUtils::LoadImage(nsIURI*, nsINode*, mozilla::dom::Document*, nsIPrincipal*, unsigned long, nsIReferrerInfo*, imgINotificationObserver*, int, nsTSubstring<char16_t> const&, imgRequestProxy**, nsIContentPolicy::nsContentPolicyType, bool, bool, unsigned long) (/home/piero/Tor/tor-browser/dom/base/nsContentUtils.cpp:4004)
nsImageLoadingContent::LoadImage(nsIURI*, bool, bool, nsImageLoadingContent::ImageLoadType, unsigned int, mozilla::dom::Document*, nsIPrincipal*) (/home/piero/Tor/tor-browser/dom/base/nsImageLoadingContent.cpp:1143)
nsImageLoadingContent::LoadImage(nsTSubstring<char16_t> const&, bool, bool, nsImageLoadingContent::ImageLoadType, nsIPrincipal*) (/home/piero/Tor/tor-browser/dom/base/nsImageLoadingContent.cpp:1027)
mozilla::dom::SVGImageElement::LoadSVGImage(bool, bool) (/home/piero/Tor/tor-browser/dom/svg/SVGImageElement.cpp:146)
mozilla::dom::SVGImageElement::AfterSetAttr(int, nsAtom*, nsAttrValue const*, nsAttrValue const*, nsIPrincipal*, bool) (/home/piero/Tor/tor-browser/dom/svg/SVGImageElement.cpp:215)
mozilla::dom::Element::SetAttrAndNotify(int, nsAtom*, nsAtom*, nsAttrValue const*, nsAttrValue&, nsIPrincipal*, unsigned char, bool, bool, bool, mozilla::dom::Document*, mozAutoDocUpdate const&) (/home/piero/Tor/tor-browser/dom/base/Element.cpp:2653)
mozilla::dom::Element::SetAttr(int, nsAtom*, nsAtom*, nsTSubstring<char16_t> const&, nsIPrincipal*, bool) (/home/piero/Tor/tor-browser/dom/base/Element.cpp:2506)
mozilla::dom::Element::SetAttr(int, nsAtom*, nsAtom*, nsTSubstring<char16_t> const&, bool) (/home/piero/Tor/tor-browser/obj-x86_64-pc-linux-gnu/dist/include/mozilla/dom/Element.h:1000)
nsXMLContentSink::AddAttributes(char16_t const**, mozilla::dom::Element*) (/home/piero/Tor/tor-browser/dom/xml/nsXMLContentSink.cpp:1376)
nsXMLContentSink::HandleStartElement(char16_t const*, char16_t const**, unsigned int, unsigned int, unsigned int, bool) (/home/piero/Tor/tor-browser/dom/xml/nsXMLContentSink.cpp:957)
nsXMLContentSink::HandleStartElement(char16_t const*, char16_t const**, unsigned int, unsigned int, unsigned int) (/home/piero/Tor/tor-browser/dom/xml/nsXMLContentSink.cpp:903)
non-virtual thunk to nsXMLContentSink::HandleStartElement(char16_t const*, char16_t const**, unsigned int, unsigned int, unsigned int) (/home/piero/Tor/tor-browser/dom/xml/nsXMLContentSink.cpp:0)
nsExpatDriver::HandleStartElement(rlbox::rlbox_sandbox<rlbox::rlbox_noop_sandbox>&, rlbox::tainted<void*, rlbox::rlbox_noop_sandbox>, rlbox::tainted<char16_t const*, rlbox::rlbox_noop_sandbox>, rlbox::tainted<char16_t const**, rlbox::rlbox_noop_sandbox>) (/home/piero/Tor/tor-browser/parser/htmlparser/nsExpatDriver.cpp:477)
doContentInternal (/home/piero/Tor/tor-browser/parser/expat/lib/xmlparse.c:2920)
doContent (/home/piero/Tor/tor-browser/parser/expat/lib/xmlparse.c:2664)
contentProcessor (/home/piero/Tor/tor-browser/parser/expat/lib/xmlparse.c:2540)
MOZ_XML_ParseBuffer (/home/piero/Tor/tor-browser/parser/expat/lib/xmlparse.c:2004)
auto rlbox::rlbox_noop_sandbox::impl_invoke_with_func_ptr<XML_Status (XML_ParserStruct*, char const*, int, int), XML_Status (void*, void*, int, int), void*, void*, unsigned long, bool>(XML_Status (*)(void*, void*, int, int), void*&&, void*&&, unsigned long&&, bool&&) (/home/piero/Tor/tor-browser/obj-x86_64-pc-linux-gnu/dist/include/mozilla/rlbox/rlbox_noop_sandbox.hpp:188)
auto rlbox::rlbox_sandbox<rlbox::rlbox_noop_sandbox>::INTERNAL_invoke_with_func_ptr<XML_Status (XML_ParserStruct*, char const*, int, int), rlbox::tainted<XML_ParserStruct*, rlbox::rlbox_noop_sandbox>&, rlbox::tainted<char const*, rlbox::rlbox_noop_sandbox>, unsigned long, bool>(char const*, void*, rlbox::tainted<XML_ParserStruct*, rlbox::rlbox_noop_sandbox>&, rlbox::tainted<char const*, rlbox::rlbox_noop_sandbox>&&, unsigned long&&, bool&&) (/home/piero/Tor/tor-browser/obj-x86_64-pc-linux-gnu/dist/include/mozilla/rlbox/rlbox_sandbox.hpp:790)
nsExpatDriver::ParseChunk(char16_t const*, unsigned int, nsExpatDriver::ChunkOrBufferIsFinal, unsigned int*, unsigned long*) (/home/piero/Tor/tor-browser/parser/htmlparser/nsExpatDriver.cpp:1248)
nsExpatDriver::ChunkAndParseBuffer(char16_t const*, unsigned int, bool, unsigned int*, unsigned int*, unsigned long*) (/home/piero/Tor/tor-browser/parser/htmlparser/nsExpatDriver.cpp:1204)
nsExpatDriver::ResumeParse(nsScanner&, bool) (/home/piero/Tor/tor-browser/parser/htmlparser/nsExpatDriver.cpp:1352)
nsParser::ResumeParse(bool, bool, bool) (/home/piero/Tor/tor-browser/parser/htmlparser/nsParser.cpp:716)
nsParser::OnDataAvailable(nsIRequest*, nsIInputStream*, unsigned long, unsigned int) (/home/piero/Tor/tor-browser/parser/htmlparser/nsParser.cpp:1027)
imgRequest::OnDataAvailable(nsIRequest*, nsIInputStream*, unsigned long, unsigned int) (/home/piero/Tor/tor-browser/image/imgRequest.cpp:1068)
nsJARChannel::OnDataAvailable(nsIRequest*, nsIInputStream*, unsigned long, unsigned int) (/home/piero/Tor/tor-browser/modules/libjar/nsJARChannel.cpp:1312)
nsInputStreamPump::OnStateTransfer() (/home/piero/Tor/tor-browser/netwerk/base/nsInputStreamPump.cpp:584)
nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) (/home/piero/Tor/tor-browser/netwerk/base/nsInputStreamPump.cpp:411)
non-virtual thunk to nsInputStreamPump::OnInputStreamReady(nsIAsyncInputStream*) (/home/piero/Tor/tor-browser/netwerk/base/nsInputStreamPump.cpp:0)
CallbackHolder::CallbackHolder(nsIAsyncInputStream*, nsIInputStreamCallback*, unsigned int, nsIEventTarget*)::'lambda'()::operator()() const (/home/piero/Tor/tor-browser/xpcom/io/nsPipe3.cpp:73)
already_AddRefed<mozilla::CancelableRunnable> NS_NewCancelableRunnableFunction<CallbackHolder::CallbackHolder(nsIAsyncInputStream*, nsIInputStreamCallback*, unsigned int, nsIEventTarget*)::'lambda'()>(char const*, CallbackHolder::CallbackHolder(nsIAsyncInputStream*, nsIInputStreamCallback*, unsigned int, nsIEventTarget*)::'lambda'()&&)::FuncCancelableRunnable::Run() (/home/piero/Tor/tor-browser/obj-x86_64-pc-linux-gnu/dist/include/nsThreadUtils.h:667)
mozilla::RunnableTask::Run() (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:555)
mozilla::TaskController::DoExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:879)
mozilla::TaskController::ExecuteNextTaskOnlyMainThreadInternal(mozilla::detail::BaseAutoLock<mozilla::Mutex&> const&) (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:702)
mozilla::TaskController::ProcessPendingMTTask(bool) (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:491)
mozilla::TaskController::TaskController()::$_0::operator()() const (/home/piero/Tor/tor-browser/xpcom/threads/TaskController.cpp:218)
mozilla::detail::RunnableFunction<mozilla::TaskController::TaskController()::$_0>::Run() (/home/piero/Tor/tor-browser/xpcom/threads/nsThreadUtils.h:548)
nsThread::ProcessNextEvent(bool, bool*) (/home/piero/Tor/tor-browser/xpcom/threads/nsThread.cpp:1240)
NS_ProcessNextEvent(nsIThread*, bool) (/home/piero/Tor/tor-browser/xpcom/threads/nsThreadUtils.cpp:479)
mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) (/home/piero/Tor/tor-browser/ipc/glue/MessagePump.cpp:85)
MessageLoop::RunHandler() (/home/piero/Tor/tor-browser/ipc/chromium/src/base/message_loop.cc:361)
MessageLoop::Run() (/home/piero/Tor/tor-browser/ipc/chromium/src/base/message_loop.cc:343)
nsBaseAppShell::Run() (/home/piero/Tor/tor-browser/widget/nsBaseAppShell.cpp:148)
XRE_RunAppShell() (/home/piero/Tor/tor-browser/toolkit/xre/nsEmbedFunctions.cpp:724)
mozilla::ipc::MessagePumpForChildProcess::Run(base::MessagePump::Delegate*) (/home/piero/Tor/tor-browser/ipc/glue/MessagePump.cpp:235)
MessageLoop::RunHandler() (/home/piero/Tor/tor-browser/ipc/chromium/src/base/message_loop.cc:361)
MessageLoop::Run() (/home/piero/Tor/tor-browser/ipc/chromium/src/base/message_loop.cc:343)
XRE_InitChildProcess(int, char**, XREChildData const*) (/home/piero/Tor/tor-browser/toolkit/xre/nsEmbedFunctions.cpp:659)
content_process_main(mozilla::Bootstrap*, int, char**) (/home/piero/Tor/tor-browser/ipc/contentproc/plugin-container.cpp:57)
main (/home/piero/Tor/tor-browser/browser/app/nsBrowserApp.cpp:375)
__libc_start_call_main (@__libc_start_call_main:26)
__libc_start_main_impl (@__libc_start_main@@GLIBC_2.34:43)
_start (@_start:14)
```
</details>
I'm trying an optimized build with asserts on, so many variables have been optimized out.
However, I managed to see that it was this PNG by checking `href` at the end of `mozilla::dom::SVGImageElement::LoadSVGImage`.
FWIW, I think this is a peculiarity of the YEC homepage.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42307Consider adjusting Nightly app icon color for a11y2024-01-29T19:18:54ZThorinConsider adjusting Nightly app icon color for a11yI used https://www.color-blindness.com/coblis-color-blindness-simulator/ cc @donuts to triage
![colors](/uploads/9a40f550015248dda2a429d6ad58843e/colors.png)I used https://www.color-blindness.com/coblis-color-blindness-simulator/ cc @donuts to triage
![colors](/uploads/9a40f550015248dda2a429d6ad58843e/colors.png)nicobnicobhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42300Do not store logs inside TorProvider2023-12-21T09:04:03ZPier Angelo VendrameDo not store logs inside TorProviderDropping the entire `TorProvider` in case of failure has some advantages, but also a big disadvantage: logs are stored in the `TorProvider` object.
When we drop it we also drop logs.
If Tor died for an actual bug/problem, we remove the ...Dropping the entire `TorProvider` in case of failure has some advantages, but also a big disadvantage: logs are stored in the `TorProvider` object.
When we drop it we also drop logs.
If Tor died for an actual bug/problem, we remove the way of knowing that.
So, we shouldn't store the logs in the provider, but store them elsewhere.
/related #41921https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42290"DuckDuckGoOnion" is a weird naming format for onion search engines2024-03-01T23:19:31Zdonuts"DuckDuckGoOnion" is a weird naming format for onion search enginesAt some point, we seem to have adopted this naming convention for default search engine options provided over onions in Tor Browser.
For example, on desktop we have:
- DuckDuckGoOnion
- BlockchairOnion
and on Android:
- DuckDuckGoOni...At some point, we seem to have adopted this naming convention for default search engine options provided over onions in Tor Browser.
For example, on desktop we have:
- DuckDuckGoOnion
- BlockchairOnion
and on Android:
- DuckDuckGoOnion
Our naming conventions for onion sites can be inconsistent at best, but I think "DuckDuckGo onion" would be an improvement, and "DuckDuckGo onion site" seems like the most official way to describe an onion search engine (see [Glossary / onion site](https://support.torproject.org/glossary/#onion-site)).