# Tor Browser issues
Feed: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues (updated 2023-09-25T14:15:04Z)

# TTP-02-004 OOS: No user-activation required to download files (Low)
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41764 | Updated: 2023-09-25T14:15:04Z | Author: richard

## Description
When investigating the new security warnings related to the downloaded files, Cure53 observed that there were no safeguards in place to restrict the number of files that could be downloaded by a single webpage.
This issue is a result of the `browser.download.enable_spam_prevention` flag being set to `false`. As a result, malicious pages can download an unlimited number of arbitrary files to the user's **Downloads** folder without any user interaction. Additionally, this could also lead to DoS attacks on the user's browser. The approach would entail continuous downloads of files.
## PoC:
```html
<html>
<body>
<script>
onload = () => {
  let counter = 0;
  // Click the hidden download link once per millisecond until fifty
  // downloads have been triggered, then stop the timer.
  let timer = setInterval(() => {
    if (counter == 50) {
      clearInterval(timer);
      return;
    }
    // `download` resolves to the <a id="download"> element below.
    download.click();
    counter++;
  }, 1);
}
</script>
<a id="download" href="data:text/html,1337" download="poc.html"></a>
</body>
</html>
```
## Steps to reproduce:
1. Open the Tor Browser and connect to it.
2. Save the PoC above as an HTML file and open it on the Tor Browser.
3. Observe that fifty downloads will start automatically and be dropped in the default **Downloads** folder.
To mitigate this issue, Cure53 advises changing the value of the `browser.download.enable_spam_prevention` flag to `true`. The change will prevent malicious pages from automatically downloading multiple files. Instead, it will require the user to actively grant permission to the webpage, if they wish to initiate multiple downloads.
Assignee: ma1

# Replace the onion-glyph with dedicated icon for onion services
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41749 | Updated: 2023-06-15T10:15:56Z | Author: donuts

As part of our wider push to reduce the use of the onion-glyph (i.e. the flattened version of Tor Browser’s application icon) for application-agnostic features, @nicob has created a new icon to represent onion services:
Here are the SVGs:
- [onion-site.svg](/uploads/d33f9c01174996fa18770ab4b8619076/onion-site.svg)
- [onion-site-warning.svg](/uploads/4ef20e70dda392867c20fe37747a2303/onion-site-warning.svg)
- [onion-site-broken.svg](/uploads/82852093d292ba20c7a85216ddb75975/onion-site-broken.svg)
Here are some mockups:
**.onion available**
![onion-available](/uploads/2d742819dcad539232589f0b929d8083/onion-available.png)
**Normal**
![onion-site](/uploads/b3d39c9b8f3c98ec0aee1e274ae09dab/onion-site.png)
**Warning**
![onion-site-warning](/uploads/1079862eb34fc60dc2c01a84e8579711/onion-site-warning.png)
**Broken**
![onion-site-broken](/uploads/e612bb8eb391cfa30e1cd8fcbf878a26/onion-site-broken.png)
**Android**
![onion-site-android](/uploads/dd7ebd4d7cf50b94124b75a0f394c004/onion-site-android.png)
And the Figma file's ready for dev-handoff here: [Figma link](https://www.figma.com/file/RS584DcR4emXrw1F8g3l5x/Tor-Browser-12.5?node-id=621%3A19558&t=RxQvK5NtLGftkWoL-1)
N.B. Please refer back to the standard `security` (i.e. padlock) icon when selecting theme-based color fills. I've got no idea if the red we've used is correct, or if it's theme-specific.

Assignee: Dan Ballard

# Add a `Connected` flag to indicate which built-in bridge option Tor Browser is currently using
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41734 | Updated: 2023-11-14T18:34:58Z | Author: Dan Ballard

Left over bridges UX work from #41617:
* [ ] Adding a `✔ Connected` flag to indicate which built-in bridge option Tor Browser is currently using

The Figma file is ready for dev handoff here: [Figma link](https://www.figma.com/file/RS584DcR4emXrw1F8g3l5x/Tor-Browser-12.5?node-id=62%3A10116&t=41hhHGHnJTkIHnmo-1)

Assignee: henry

# Animate the torconnect icon to transition between connected states
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41726 | Updated: 2023-06-12T16:52:57Z | Author: donuts

As part of the work to add the new torconnect button to the browser chrome in https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41608, I was thinking it might be cute to animate it out – i.e. transform the icon from its broken to normal state (without the oblique slash), and potentially include a color shift, before it automatically exits the toolbar.
@henry has looked into how the reload button works in Fx, and has dug up the following:
> I looked into what firefox does for their reload and download-complete animations. Basically they create a [single svg that contains all the 20px by 20px frames in a strip](https://searchfox.org/mozilla-esr102/rev/6aa2f11bd75db8c74a0fe67d0f7a1550ca1d2b00/browser/themes/shared/icons/stop-to-reload.svg):
>
> ![firefox stop-to-reload animation frames](https://gitlab.torproject.org/tpo/applications/tor-browser/uploads/7c05f56ba7a938a193cccb52312d23ed/stop-to-reload.svg)
>
> then they [only expose one frame from the strip at a time](https://searchfox.org/mozilla-esr102/rev/6aa2f11bd75db8c74a0fe67d0f7a1550ca1d2b00/browser/themes/shared/toolbarbutton-icons.css#137-145) and [step-transform along it](https://searchfox.org/mozilla-esr102/rev/6aa2f11bd75db8c74a0fe67d0f7a1550ca1d2b00/browser/themes/shared/toolbarbutton-icons.css#90-109).
>
> So we should probably do a similar thing if we want to animate the "not connected" to "connected" transformation.

Assignee: henry

# Regression: window maximization warning cannot be closed by the X button
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41722 | Updated: 2023-04-19T19:57:29Z | Author: Thorin

following on from #41561 @ma1
TB
- flip letterboxing off
- note: extensions.torbutton.maximize_warnings_remaining = 3
- go full screen
- warning does not show (I am not on an HTTPS origin)
- F11 to restore - now the warning shows
- if maximizing instead of FS, it works fine
- ToDo?: suppress the warning in exiting FS or make the warning show in FS
- ToDo?: `OK` vs `X` is confusing - `X` reduces the count, `OK` doesn't - this seems backwards (but I can see both sides) - anyway, it seems to confuse users. OK means the user (likely read the message and) acknowledged the warning, X means they ignored it and decided to not take action, so IMO this is backwards.
MB
- the same issues above would apply since it is based on TB
- but we also have https://github.com/mullvad/mullvad-browser/issues/44
- here the warning pref doesn't exist and the message cannot be dismissed via `X` only via `Restore` button
- also why is MB using `Restore` and TB using `OK` as strings?
Flip your LBing pref back on, people!
Honestly, why have the X button at all? Seems convoluted :)

Assignee: ma1

# Update title and button strings in the new circuit display to sentence case
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41719 | Updated: 2023-04-17T20:32:23Z | Author: donuts

It looks like the browser chrome is already mostly sentence case (with the exception of the ETP panel, which we have disabled anyway), so I think we should go ahead and sentence-case-ify the new circuit display straight away.
- `Tor Circuit` → `Tor circuit`
- `Guard` → `guard`
- `New Circuit for this Site` → `New circuit for this site`
^ We actually use `New Tor circuit for this site` in the application menu already, so we could switch the circuit display to use that string instead for consistency.
Not sure if there are any more strings lurking there.

Assignee: henry

# Add the external filetype warning to about:downloads
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41718 | Updated: 2023-06-08T11:19:45Z | Author: donuts

In https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40701 we deprecated the external filetype dialog, and incorporated the warning into the Downloads wingpanel instead. @henry suggested in MR https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/595#note_2892920 that we could add the same warning to `about:downloads` too.
I think a standard grey messagebar would be fine.

Assignee: henry

# “Show Fewer Bridges” button missing from refactored remove all bridges UI
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41714 | Updated: 2023-05-01T12:53:10Z | Author: donuts

When the full list of bridges has been revealed, “Show All Bridges” should now be replaced with a button labeled “Show Fewer Bridges” that collapses the list again.
See the [Figma file](https://www.figma.com/file/RS584DcR4emXrw1F8g3l5x/Tor-Browser-12.5?node-id=1%3A2&t=i8S80oGAMzN828LD-1) for ref. Thanks!

Milestone: Sponsor 30 - Objective 3.7 | Assignee: Dan Ballard | Due: 2023-04-17

# “Remove All Bridges” button only appears after hitting “Show All Bridges”
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41713 | Updated: 2023-05-01T12:53:10Z | Author: donuts

In https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41085 we updated the “Remove All Bridges” UI so that the button is permanently visible, rather than being revealed after hitting the “Show All Bridges” button.
However it looks like the button is still hidden until all bridges are revealed. Can we get that updated please?

Milestone: Sponsor 30 - Objective 3.7 | Assignee: Dan Ballard | Due: 2023-04-17

# The connection pill needs to be centered vertically
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41702 | Updated: 2023-04-17T20:28:02Z | Author: Pier Angelo Vendrame

<details><summary>So triggering!</summary>
![Screenshot_from_2023-03-29_10-28-05](/uploads/db3d402642be83967c3ebc517fc1bd9d/Screenshot_from_2023-03-29_10-28-05.png)
(`layout.css.devPixelsPerPx` at `1.7`)
</details>

Assignee: ma1

# Reword the recommendation badges in about:addons
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41698 | Updated: 2023-07-05T20:59:01Z | Author: Pier Angelo Vendrame

`about:addons` can show some badges on the extensions, in addition to the one that says that the extension is enabled in incognito.
Should we hide them?
I guess that AMO reviews are better than no reviews, but I think that in case we should change the text, because at the moment it says:
> Tor Browser only recommends extensions that meet our standards for security and performance
It's the same message as Firefox, but in our case I think it's misleading.

Assignee: Pier Angelo Vendrame

# "Firefox Suggest" text appearing in UI
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41691 | Updated: 2023-10-05T12:47:24Z | Author: henry

## Steps to reproduce
In 12.0.4:
1. Open example.org in a tab.
2. Open a new tab, and start typing "example.org".
## Result
Below the URL bar you will see "Firefox Suggest", as it suggests switching tabs. Also happens with bookmarks.
## Expect
No appearance of "Firefox".
## Origin
I think this comes from `-firefox-suggest-brand-name` used for `urlbar-group-firefox-suggest`. I guess "Firefox Suggest" is a product name since, whilst it includes just a local search of tabs and bookmarks, [in the US it also includes](https://support.mozilla.org/en-US/kb/firefox-suggest)
> Top pick - Featured suggestions from Firefox and our partners
I'm guessing we have that last part disabled in Tor Browser, so we're not really using the "Firefox Suggest" part of the product. So maybe we'd be better off changing `urlbar-group-firefox-suggest` to our own string, rather than `-firefox-suggest-brand-name` itself.

# Use moz-toggle in connection preferences
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41651 | Updated: 2023-10-03T15:34:25Z | Author: henry

Our connection preferences currently use `<checkbox class="toggle-button">` but next ESR release will contain the `<moz-toggle>` ([bugzilla bug 1799466](https://bugzilla.mozilla.org/show_bug.cgi?id=1799466)) which we can use. Basically, we want to follow [bugzilla bug 1799471](https://bugzilla.mozilla.org/show_bug.cgi?id=1799471).
Note that it changes the accessible role of the element from a "checkbox" to a "toggle-button".
The main difference in firefox is that they put their `<label>` before the toggle. E.g. see the firefox quick suggestion Address Bar settings when "browser.urlbar.quicksuggest.enabled" is true. Similarly, the addon toggle tends to be end-aligned. We could optionally follow the same style, but I think we'll be ok just placing the `<label>` manually ourselves.

Assignee: henry

# Do not hide new PBM in the hamburger menu if auto PBM is not enabled
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41642 | Updated: 2023-10-03T15:37:43Z | Author: Pier Angelo Vendrame

Improvement for 2a6e497977d8ab4996d8a1c77dbdcb1ae60eb486.

# Update connection assist's iconography
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41623 | Updated: 2023-06-15T10:15:58Z | Author: donuts

We designed new iconography for connection assist last year, but never handed it over for implementation.
I had planned on waiting until the next major revision of torconnect to ship the new icons (see https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41621, and this [WIP Figma file](https://www.figma.com/file/gFE1rXBMdbZGJAIdwtZ508/Tor-Browser-13.0?node-id=0%3A1&t=cic5Swm3tv65MX6x-1)), however since the new torconnect icon will be making an appearance in the browser chrome (https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41608) and connection settings (https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41618) sooner than planned, we should ship these at the same time in Tor Browser 12.5 for consistency.

Milestone: Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibet | Assignee: Dan Ballard

# Update the iconography used in the status strip in connection settings
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41618 | Updated: 2023-06-08T11:01:40Z | Author: donuts

We're introducing a new pair of icons (regular and broken) representing Tor Browser's connection state in https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41608. In addition to updating the browser chrome, there are a small number of changes that will need to be made to `about:preferences#connection` too.
These include:
- [ ] Removing the "Connect" info bars
- [ ] Removing the check (✔) and warning (⚠️) icons from the Internet and Tor Network statuses
- [ ] Replacing the Tor Network icon with the new torconnect icons (regular when connected, and broken when not)
We could also use a tiny bit more padding between the connection status label and buttons, as per the design pls.
The Figma file's ready for dev handoff here: [Figma link](https://www.figma.com/file/RS584DcR4emXrw1F8g3l5x/Tor-Browser-12.5?node-id=79%3A14487&t=41hhHGHnJTkIHnmo-1)
These fixes will be run through additional usability testing in March/April as part of ~"Sponsor 30" before they reach stable in 12.5.

Assignee: henry

# Improve the UX of the built-in bridges dialog
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41617 | Updated: 2023-06-05T13:56:18Z | Author: donuts

We've observed that users often find it difficult to differentiate between Tor Browser's various bridge options, tend to choose a built-in bridge option at random (see: https://gitlab.torproject.org/tpo/ux/research/-/issues/100), and have trouble figuring out how to connect afterwards (see: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41060).
In response, we're proposing:
- [x] Updating the “Bridges” section description on `about:preferences#connection` to include the word “securely”.
- [x] Updating the title and description of the built-in bridges dialog
- [x] Updating the individual descriptions that accompany each of the built-in bridge options
- [ ] Fixing the size and styling of the dialog and its constituent elements to make it more consistent with Firefox
- [x] Replacing the `OK` button with a `Connect` button when not connected
- [ ] Adding a `✔ Connected` flag to indicate which built-in bridge option Tor Browser is currently using
The Figma file is ready for dev handoff here: [Figma link](https://www.figma.com/file/RS584DcR4emXrw1F8g3l5x/Tor-Browser-12.5?node-id=62%3A10116&t=41hhHGHnJTkIHnmo-1)
These fixes will be run through additional usability testing in March/April as part of ~"Sponsor 30" before they reach stable in 12.5.

Milestone: Sponsor 30 - Objective 3.7 | Assignee: Dan Ballard | Due: 2023-04-17

# Skip Drag & Drop filtering for DNS-safe URLs (no hostname, e.g. RFC3966 tel:)
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41613 | Updated: 2023-06-15T09:47:03Z | Author: ma1

Some URLs are convenient to drag & drop (e.g. [phone numbers embedded in tel: URLs](https://forum.torproject.net/t/drag-and-drop-protections-in-tor-browser-12-0/5854/10)) and cannot trigger unwanted DNS requests because they've got no hostname.
Let's avoid filtering them.

Assignee: ma1

# Improve the UX of the location bar's connection status
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41608 | Updated: 2023-06-12T16:52:33Z | Author: donuts

As part of https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41060, we explored beefing up the styling of the connection status in the location bar – and revealing a tiny `Connect` button when the user navigates away from `about:torconnect`.
Changes include:
- [ ] Adding the new torconnect icon(s)
- [ ] Revealing an extra tiny button after tabbing away from `about:torconnect`
- [ ] Adding an additional `Potentially Blocked` (which should exist in `about:preferences#connection`'s status strip already)
- [ ] Additional styling updates
The Figma file's ready for dev handoff here: [Figma link](https://www.figma.com/file/RS584DcR4emXrw1F8g3l5x/Tor-Browser-12.5?node-id=2%3A14695&t=JdoAW2xcF87Hqnjd-1)
These fixes will be run through additional usability testing in March/April as part of ~"Sponsor 30" before they reach stable in 12.5.

Assignee: henry

# Update "New Circuit" icon
Issue: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41607 | Updated: 2023-05-04T08:45:36Z | Author: donuts

Since we're shifting back to use a more circuit-y icon to represent Tor Circuits in https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41600, we should maybe also update the optional toolbar icon that currently looks like this:
![new-circuit-in-toolbar](/uploads/43801685d93f4f492bef953f0f0e099c/new-circuit-in-toolbar.png)
What do you think @nicob?

Milestone: Sponsor 30 - Objective 3.7 | Assignee: henry | Due: 2023-04-17