Tor Browser issues
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues
2023-10-09T17:50:23Z

WebRTC privacy-hardening settings
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41727
2023-10-09T17:50:23Z, ma1

As noted in mullvad-browser#151, the most sensible preference changes to harden WebRTC privacy for our use cases seem to be:
- `media.peerconnection.ice.relay_only` -> `false`
- `media.peerconnection.ice.default_address_only` -> `true`
- `media.peerconnection.ice.proxy_only_if_behind_proxy` -> `true`

Assignee: ma1

Investigate+possible revert fix for Bugzilla 1732388
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40913
2022-08-25T20:55:38Z, richard

Introduced in Firefox 94: Bug 1732388 - support a proxy bypass flag for http requests
https://bugzilla.mozilla.org/show_bug.cgi?id=1732388

Assignee: Pier Angelo Vendrame

ESR68 Network Code Review
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/31144
2020-09-09T22:01:17Z, Pili Guerra

This ticket is to cover the network code review for ESR68

Investigate update on Windows via BITS
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/31019
2020-06-27T14:33:16Z, Georg Koppen

It seems there is coming a new update method for Windows users with Firefox 68 ESR which is called BITS (Background Intelligent Transfer Service), which is a Windows component.[1] The marketing promise is that "This change will allow Firefox to continue downloading an update
after Firefox has been closed." [2] which seems to be dangerous in the Tor Browser context.
There is a pref we can flip, though, to use the older internal updater [3]. However, we should make sure the potential proxy bypass I am seeing here is actually mitigated by that.
[1] https://www.ghacks.net/2019/06/24/firefox-will-use-bits-on-windows-for-updates-going-forward/
[2] https://groups.google.com/forum/#!topic/mozilla.dev.platform/PCzoYCfi_fk
[3] https://bugzilla.mozilla.org/show_bug.cgi?id=1553977

"unable to connect" if Firefox GPOs configure proxy settings
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/30575
2022-05-13T14:39:58Z, Trac

I am using Tor browser on a Microsoft Active Directory joined computer.
Domain admins set up Group Policy Objects configuring Firefox to use a proxy auto-configuration script.
That setting from GPO overrides automatic Tor Browser setting to use localhost:9150 and when I try to navigate I get "Unable to connect" error page.
Tor Browser connection settings are locked by the GPO, as it is in the installed version of Firefox, and I cannot change them manually.
**Trac**:
**Username**: kT3Ycp9jwm

Group Policies for Firefox can bypass Tor Browser's proxy settings
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/29916
2020-06-27T14:33:56Z, Georg Koppen

Assuming your Windows environment has a Firefox group policy (GPO) that specifies e.g. using system proxy settings then Tor Browser happily follows that and is ignoring its own proxy settings without notifying users.
What should actually happen is that Tor Browser is ignoring those Firefox GPO settings instead.
This got tested with Tor Browser 8.0.8 on Win10 1709.
Thanks to Kit Chung for this report.

remove pingsender from Tor Browser
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/28369
2020-06-27T14:34:36Z, Mark Smith

In https://bugzilla.mozilla.org/show_bug.cgi?id=1310703 (for Firefox 54), Mozilla added a `pingsender` executable that uses libcurl to send telemetry info when a crash occurs. While we disable telemetry by pref, for defense-in-depth against a potential proxy bypass we should stop shipping the pingsender executable.

Don't let Android leak DNS queries
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/28125
2020-09-09T22:01:17Z, Matthew Finkel

In legacy/trac#27431 and legacy/trac#27375, it was reported Android is leaking DNS requests. From [ticket:27431#comment:1 27431], in summary:
```
This is exactly what we feared. It looks like this is the result
of a bug within the Android core HTTP library. This leak is already
fixed in the more recent releases of Android. In particular, any
version after Android O (API 26+) should not leak DNS queries.
```
We should patch TBA so it relies on the Android core library as little as possible. We don't need the fancy optimizations Android provides with request pools and such, so I think we can simply create and manage a proxy connection ourselves.
legacy/trac#27822 may be related (but there isn't enough info available).

TBA is leaking DNS
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27822
2020-06-27T14:34:53Z, cypherpunks

TBA is making DNS queries outside proxy. Almost every domain is leaking.

Internet Download Manager (IDM) is broken with Tor Browser 8
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27603
2022-07-12T18:28:31Z, Georg Koppen

Tor Browser 8 breaks the Internet Download Manager (IDM) extension even though it is compatible with Firefox 60, see: https://blog.torproject.org/comment/277004#comment-277004.

TBA: Audit thirdparty apache/commons/codec
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27019
2020-06-27T14:35:24Z, Matthew Finkel

Proxy-safe?
```
$ ls mobile/android/thirdparty/org/mozilla/apache/commons/codec/
binary BinaryEncoder.java DecoderException.java digest Encoder.java net package.html StringEncoderComparator.java
BinaryDecoder.java CharEncoding.java Decoder.java EncoderException.java language overview.html StringDecoder.java StringEncoder.java
```

TBA: Audit thirdparty dspec
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27018
2020-06-27T14:35:24Z, Matthew Finkel

Proxy-safe?
```
$ ls mobile/android/thirdparty/org/lucasr/dspec/
DesignSpec.java RawResource.java
```

TBA: Audit thirdparty json
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27017
2020-06-27T14:35:24Z, Matthew Finkel

Proxy-safe?
```
$ ls mobile/android/thirdparty/org/json/simple/
ItemList.java JSONArray.java JSONAware.java JSONObject.java JSONStreamAware.java JSONValue.java LICENSE.txt parser
```

TBA: Audit thirdparty picasso
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27016
2020-06-27T14:35:24Z, Matthew Finkel

Proxy-safe?
```
$ ls mobile/android/thirdparty/com/squareup/picasso/
Action.java ContentStreamBitmapHunter.java GetAction.java PicassoDrawable.java Stats.java Utils.java
AssetBitmapHunter.java DeferredRequestCreator.java ImageViewAction.java PicassoExecutorService.java StatsSnapshot.java
BitmapHunter.java Dispatcher.java LruCache.java Picasso.java TargetAction.java
Cache.java Downloader.java MarkableInputStream.java RequestCreator.java Target.java
Callback.java FetchAction.java MediaStoreBitmapHunter.java Request.java Transformation.java
ContactsPhotoBitmapHunter.java FileBitmapHunter.java NetworkBitmapHunter.java ResourceBitmapHunter.java UrlConnectionDownloader.java
```

TBA: Audit thirdparty leakcanary
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27015
2020-06-27T14:35:25Z, Matthew Finkel

Proxy-safe?
```
$ ls mobile/android/thirdparty/com/squareup/leakcanary/
LeakCanary.java RefWatcher.java
```

TBA: Audit thirdparty disklrucache
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27014
2020-06-27T14:35:25Z, Matthew Finkel

Proxy-safe?
```
$ ls mobile/android/thirdparty/com/jakewharton/disklrucache/
DiskLruCache.java StrictLineReader.java Util.java
```

TBA: Audit thirdparty selfbraille
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27013
2020-06-27T14:35:25Z, Matthew Finkel

Proxy-safe?
```
$ ls mobile/android/thirdparty/com/googlecode/eyesfree/braille/selfbraille/
ISelfBrailleService.java SelfBrailleClient.java WriteData.java
```

TBA: Audit thirdparty booking
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27012
2020-06-27T14:35:25Z, Matthew Finkel

Proxy-safe?
```
$ ls mobile/android/thirdparty/com/booking/rtlviewpager/
PagerAdapterWrapper.java RtlViewPager.java
```

Investigate UNC path restrictions failure in Tor Browser 8.0a9
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/26874
2022-08-23T19:22:12Z, Georg Koppen

Filippo Cavallarin reported that the UNC path restrictions that got made available through https://bugzilla.mozilla.org/show_bug.cgi?id=1413868 are not working in Tor Browser 8.0a9. Surprisingly, Tor Browser 7.5.6 and Firefox 60.1.0 ESR are fine.

Assignee: richard

TBA - Notify user about possible proxy-bypass before opening external app
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/26529
2020-06-27T14:35:39Z, Matthew Finkel

igt0 and I already discussed this, but I don't see a ticket for this. Torbutton currently does this when the user asks Tor Browser to open a file. I doubt we can continue relying on `Ci.nsIHelperAppWarningDialog` for this, so we'll likely need another method for catching this action.
I'm putting this into torbutton's component category for now, because that is where we catch this situation on desktop, but we may need to implement something directly within fennec, on mobile.