Tor Browser merge requestshttps://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests2024-03-28T18:43:13Zhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/969Bug 42490: Write the browser logo SVG also outside of omni.ja.2024-03-28T18:43:13ZPier Angelo VendrameBug 42490: Write the browser logo SVG also outside of omni.ja.## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#42490
- mullvad-browser#xxxxx
- tor-browser-build#xxxxx
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#42490
- mullvad-browser#xxxxx
- tor-browser-build#xxxxx
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Localization**: typos and other localization changes that should be also in the release branch
- [ ] **Other**: please explain
### Merging
- [x] Merge to `tor-browser` - `!fixups` to `tor-browser`-specific commits, new features, security backports
- [ ] Merge to `base-browser` - `!fixups` to `base-browser`-specific commits, new features to be shared with `mullvad-browser`, and security backports
- **NOTE**: if your changeset includes patches to both `base-browser` and `tor-browser` please clearly label in the change description which commits should be cherry-picked to `base-browser` after merging
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
#### Change Description
Export `about-logo.svg` outside the `omni.ja` on Linux, to use it on the desktop files in addition to our raster images.
I decided to use `about-logo.svg` instead of another file because Firefox branding also have it, so it doesn't break using them (even though they're already more or less broken, at least I don't add breaking changes).
#### How Tested
Tested that about:tor still shows the correct logo, tested that we have `about-logo.svg` in the correct directory.Pier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/968Bug 42479: Improve TorConnect error handling2024-03-28T17:19:12ZPier Angelo VendrameBug 42479: Improve TorConnect error handling## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#42479
- mullvad-browser#xxxxx
- tor-browser-build#xxxxx
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#42479
- mullvad-browser#xxxxx
- tor-browser-build#xxxxx
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Localization**: typos and other localization changes that should be also in the release branch
- [ ] **Other**: please explain
### Merging
- [x] Merge to `tor-browser` - `!fixups` to `tor-browser`-specific commits, new features, security backports
- [ ] Merge to `base-browser` - `!fixups` to `base-browser`-specific commits, new features to be shared with `mullvad-browser`, and security backports
- **NOTE**: if your changeset includes patches to both `base-browser` and `tor-browser` please clearly label in the change description which commits should be cherry-picked to `base-browser` after merging
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- @henry because they know these parts of code very well at this point and always give lot of very useful information
- @dan/@clairehurst for the smallish Android part
#### Change Description
This started with removing localization from backend, and improving the general error reporting... eventually ended up adding also some other changes (reset the progress to 0 when going back to configuring, face more specific errors to the users in case of a tor startup error).
I don't know if this MR's approach is the best to solve these problems.
Having localization in the backend is very ugly, but maybe should we create a separate middle-level module to pass translated strings to Android, to avoid repeating some strings?
Notice that at the moment GV doesn't include any translation.
It should be very useful for Android to get the error codes.
I thought of implementing them as an `enum`, but I didn't know how to create a conversion.
After this change firefox-android breaks, but I will open a (draft) MR also for that, assuming we keep the same prototype.
I think this might help the Android work in the immediate terms... but I won't be here next week.
So, if needed you can close this MR and someone else can take my branch, change it and merge the changed one instead.
Otherwise, if it's okay, I'll be back for changes on Monday 8.
This could probably be useful to `aboutTorConnect.js` itself, but I didn't want to make the MR too big (and we might end up doing a lot of changes there anyway in the future).
#### How Tested
- Checked I didn't get strange errors on the bootstrap (also checked the censorship circumvention)
- Checked the localization of the errors work as expected by trying to localize errors from the console
- Tried to rename the `tor` binary, to trigger a startup error that says it cannot find it
- I don't know how to create errors with a phase/reason from the tor side. I tried to rename the PTs, but that ended in tor crashing instead of reporting the errorPier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/967Bug 42491: Add mozconfig-linux-aarch642024-03-28T13:23:58ZNoisyCoilBug 42491: Add mozconfig-linux-aarch64## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#42491
- tor-browser-build#12631
- tor-browser-build#32355
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as so...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#42491
- tor-browser-build#12631
- tor-browser-build#32355
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Localization**: typos and other localization changes that should be also in the release branch
- [ ] **Other**: please explain
### Merging
- [x] Merge to `tor-browser` - `!fixups` to `tor-browser`-specific commits, new features, security backports
- [ ] Merge to `base-browser` - `!fixups` to `base-browser`-specific commits, new features to be shared with `mullvad-browser`, and security backports
- **NOTE**: if your changeset includes patches to both `base-browser` and `tor-browser` please clearly label in the change description which commits should be cherry-picked to `base-browser` after merging
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [ ] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
#### Change Description
This MR adds the `mozconfig` for `tor-browser`'s `linux-aarch64` target.
#### How Tested
Via https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/merge_requests/920.NoisyCoilNoisyCoilhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/966Bug 42192: Correctly round new windows when bookmarks toolbar is set to "Only...2024-03-28T16:41:54Zma1Bug 42192: Correctly round new windows when bookmarks toolbar is set to "Only Show on New Tab"## Merge Info
### Related Issues
- tor-browser#42192
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before ba...## Merge Info
### Related Issues
- tor-browser#42192
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [ ] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Localization**: typos and other localization changes that should be also in the release branch
- [ ] **Other**: please explain
### Merging
- [ ] Merge to `tor-browser` - `!fixups` to `tor-browser`-specific commits, new features, security backports
- [ ] Merge to `base-browser` - `!fixups` to `base-browser`-specific commits, new features to be shared with `mullvad-browser`, and security backports
- **NOTE**: if your changeset includes patches to both `base-browser` and `tor-browser` please clearly label in the change description which commits should be cherry-picked to `base-browser` after merging
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [ ] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
#### Change Description
#### How Tested
With the default "Show Only on New Tab" bookmarks toolbar visibility and the default new tab home page, try to open a new window (with the bookmarks toolbar visible), then switch it to a [normal page](https://arkenfox.github.io/TZP/tzp.html)) (bookmarks toolbar automatically hidden).
In current stable and alpha up to 13.5a6 the page will get letterboxed (or "bad" window size by the offset of the disappeared toolbar if letterboxing is disabled).
This patch will automatically shrink the window to account for the disappeared extra chrome.
Cooking testbuilds for @thorin and @donuts .ma1ma1https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/965Migrate crypto safety strings to Fluent2024-03-27T18:31:27ZhenryMigrate crypto safety strings to Fluent## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42202
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed a...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42202
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Localization**: typos and other localization changes that should be also in the release branch
- [ ] **Other**: please explain
### Merging
- [x] Merge to `tor-browser` - `!fixups` to `tor-browser`-specific commits, new features, security backports
- [ ] Merge to `base-browser` - `!fixups` to `base-browser`-specific commits, new features to be shared with `mullvad-browser`, and security backports
- **NOTE**: if your changeset includes patches to both `base-browser` and `tor-browser` please clearly label in the change description which commits should be cherry-picked to `base-browser` after merging
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
#### Change Description
Convert the crypto safety dialog to Fluent.
#### How Tested
Should get warning through the following steps:
1. Visit http.badssl.com
2. Proceed to HTTP site.
3. In web console `document.body.append("1abcdefghijkabcdefghijkabcdefghijk")`.
4. Copy the newly added text to clipboard.henryhenryhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/961Bug 41901: Hardcode normalized FontSubstitutes.2024-03-28T18:32:39ZPier Angelo VendrameBug 41901: Hardcode normalized FontSubstitutes.## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#41901
- mullvad-browser#xxxxx
- tor-browser-build#xxxxx
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#41901
- mullvad-browser#xxxxx
- tor-browser-build#xxxxx
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [x] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [x] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Localization**: typos and other localization changes that should be also in the release branch
- [ ] **Other**: please explain
Against backporting:
- not-so-trivial change
- 13.0 is going EOL soon enough
### Merging
- [x] Merge to `tor-browser` - `!fixups` to `tor-browser`-specific commits, new features, security backports
- [x] Merge to `base-browser` - `!fixups` to `base-browser`-specific commits, new features to be shared with `mullvad-browser`, and security backports
- **NOTE**: if your changeset includes patches to both `base-browser` and `tor-browser` please clearly label in the change description which commits should be cherry-picked to `base-browser` after merging
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [ ] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
#### Change Description
Prevent Firefox from reading registry values for font aliases.
Instead, we hardcode a list to be sure not to break UX for certain users.
#### How Tested
See the issue.Pier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/951Geckoview tools2024-03-28T17:44:42ZDan BallardGeckoview tools## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs ...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Localization**: typos and other localization changes that should be also in the release branch
- [ ] **Other**: please explain
### Merging
- [ ] Merge to `tor-browser` - `!fixups` to `tor-browser`-specific commits, new features, security backports
- [ ] Merge to `base-browser` - `!fixups` to `base-browser`-specific commits, new features to be shared with `mullvad-browser`, and security backports
- **NOTE**: if your changeset includes patches to both `base-browser` and `tor-browser` please clearly label in the change description which commits should be cherry-picked to `base-browser` after merging
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [ ] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
#### Change Description
<!-- Whatever context the reviewer needs to effectively review the patchset; if the patch includes UX updates be sure to include screenshots/video of how any new behaviour -->
#### How Tested
built geckoview
```
cd tools/geckoview
make clobber
make config
make build
make package
ls ~/.m2/repository/org/mozilla/geckoview/geckoview-default-omni
```
also look at the android-env templatesDan BallardDan Ballardhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/811Bug 42140: Disable Window.sizeToContent for non-system callers by default2023-10-10T15:23:38Zcypherpunks1Bug 42140: Disable Window.sizeToContent for non-system callers by default## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#42140
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: ...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#42140
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [ ] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Merging
- [ ] Merge to `tor-browser` - `!fixups` to `tor-browser`-specific commits, new features, security backports
- [ ] Merge to `base-browser` - `!fixups` to `base-browser`-specific commits, new features to be shared with `mullvad-browser`, and security backports
- **NOTE**: if your changeset includes patches to both `base-browser` and `tor-browser` please clearly label in the change description which commits should be cherry-picked to `base-browser` after merging
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](http://eweiibe6tdjsdprb4px6rqrzzcsi22m4koia44kc5pcjr7nec2rlxyad.onion/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [ ] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
#### Change Description
Backported changes from https://hg.mozilla.org/mozilla-central/rev/0a174d6682ba and https://hg.mozilla.org/mozilla-central/rev/e19686b3d1a0.
#### How Tested
Verified that the pref disables sizeToContent with [TZP](https://arkenfox.github.io/TZP/tzp.html).cypherpunks1cypherpunks1https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/797Draft: Bug 31075&41762: FP-Isolate speculative connections2023-09-25T17:37:52ZPier Angelo VendrameDraft: Bug 31075&41762: FP-Isolate speculative connections## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#31075
- #41762
- mullvad-browser#xxxxx
- tor-browser-build#xxxxx
### Backporting
#### Timeline
- [ ] **Immediate**: patchset neede...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#31075
- #41762
- mullvad-browser#xxxxx
- tor-browser-build#xxxxx
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Merging
- [x] Merge to `tor-browser` - `!fixups` to `tor-browser`-specific commits, new features, security backports
- [x] Merge to `base-browser` - `!fixups` to `base-browser`-specific commits, new features to be shared with `mullvad-browser`, and security backports
- **NOTE**: if your changeset includes patches to both `base-browser` and `tor-browser` please clearly label in the change description which commits should be cherry-picked to `base-browser` after merging
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](https://gitlab.torproject.org/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [ ] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : clairehurst, dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **macos** : clairehurst, dan
- **nightly builds** : boklm
- **rebases/release-prep** : dan, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
#### Change Description
We've long had a patch that disabled speculative connections (= connections created by the parent before the content process requests them, according to the comment in the code).
The reason is that we can see that connections are actually created on the catch-all circuit or in the wrong FPD.
However, from what I understood, the speculative connection is not then used for the real requests, at least not if it doesn't match the attributes.
Still, it was right to disable it, especially for the "open a link to a new tab" case, in which it would theoretically create a connection to the "new" domain with the old circuit (even though it was possibly not used).
In practice, this might not happen, or might be disabled on the proxy (bad for MB!).
Doing a proper test is difficult, because the connection will be open anyway.
I've tried with a Python HTTP server, and I didn't get two requests. So, the connection might really be a TCP connection to find it already open.
Anyway, we know how to do things properly, so let's do it.
If we think this is better than the previous state, we could try uplift it very soon, to get feedback from someone who knows more about it (even though it's [quite difficult to find that someone](https://bugzilla.mozilla.org/show_bug.cgi?id=1475811) :sweat_smile:).
#### How Tested
First, I tried to see what we got when removing the old patch with the `browser.tordomainisolator.loglevel` set to `all`.
It will expose all the requests.
At that point, you'll be able to see we get requests through the `--unknown--` username, that is the catch-all circuit.
Another thing you might see is that opening links in the new tab uses a connection that is tied to the opener domain, e.g.,
```
Requested https://example.net/ via example.org:0:...
```
Then, apply the new patch. No more catch all circuit, and no more links opened with the previous domain.Pier Angelo VendramePier Angelo Vendramehttps://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/690Bug 41065: Use a hard-coded value for storage estimate when RFP is enabled2023-11-22T10:34:50Zcypherpunks1Bug 41065: Use a hard-coded value for storage estimate when RFP is enabled## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#41065
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: ...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#41065
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Merging
- [x] Merge to `tor-browser` - `!fixups` to `tor-browser`-specific commits, new features, security backports
- [x] Merge to `base-browser` - `!fixups` to `base-browser`-specific commits, new features to be shared with `mullvad-browser`, and security backports
- **NOTE**: if your changeset includes patches to both `base-browser` and `tor-browser` please clearly label in the change description which commits should be cherry-picked to `base-browser` after merging
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](http://eweiibe6tdjsdprb4px6rqrzzcsi22m4koia44kc5pcjr7nec2rlxyad.onion/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [ ] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **nightly builds** : boklm
- **rebases/release-prep** : dan_b, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
#### Change Description
The ShouldResistFingerprinting function likely needs context to honor `privacy.resistFingerprinting.exemptedDomains`.cypherpunks1cypherpunks1https://gitlab.torproject.org/tpo/applications/tor-browser/-/merge_requests/684Bug 29745: Limit remote access to content accessible resources2023-11-21T11:43:52Zcypherpunks1Bug 29745: Limit remote access to content accessible resources## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#29745
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: ...## Merge Info
<!-- Bookkeeping information for release management -->
### Related Issues
- tor-browser#29745
### Backporting
#### Timeline
- [ ] **Immediate**: patchset needed as soon as possible
- [ ] **Next Minor Stable Release**: patchset that needs to be verified in nightly before backport
- [ ] **Eventually**: patchset that needs to be verified in alpha before backport
- [x] **No Backport (preferred)**: patchset for the next major stable
#### (Optional) Justification
- [ ] **Emergency security update**: patchset fixes CVEs, 0-days, etc
- [ ] **Censorship event**: patchset enables censorship circumvention
- [ ] **Critical bug-fix**: patchset fixes a bug in core-functionality
- [ ] **Consistency**: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
- [ ] **Sponsor required**: patchset required for sponsor
- [ ] **Other**: please explain
### Merging
- [x] Merge to `tor-browser` - `!fixups` to `tor-browser`-specific commits, new features, security backports
- [x] Merge to `base-browser` - `!fixups` to `base-browser`-specific commits, new features to be shared with `mullvad-browser`, and security backports
- **NOTE**: if your changeset includes patches to both `base-browser` and `tor-browser` please clearly label in the change description which commits should be cherry-picked to `base-browser` after merging
### Issue Tracking
- [ ] Link resolved issues with appropriate [Release Prep issue](http://eweiibe6tdjsdprb4px6rqrzzcsi22m4koia44kc5pcjr7nec2rlxyad.onion/groups/tpo/applications/-/issues/?sort=updated_desc&state=opened&label_name%5B%5D=Release%20Prep&first_page_size=20) for changelog generation
### Review
#### Request Reviewer
- [x] Request review from an applications developer depending on modified system:
- **NOTE**: if the MR modifies multiple areas, please `/cc` all the relevant reviewers (since gitlab only allows 1 reviewer)
- **accessibility** : henry
- **android** : dan
- **build system** : boklm
- **extensions** : ma1
- **firefox internals (XUL/JS/XPCOM)** : ma1
- **fonts** : pierov
- **frontend (implementation)** : henry
- **frontend (review)** : donuts, richard
- **localization** : henry, pierov
- **nightly builds** : boklm
- **rebases/release-prep** : dan_b, ma1, pierov, richard
- **security** : ma1
- **signing** : boklm, richard
- **updater** : pierov
- **misc/other** : pierov, richard
#### Change Description
<!-- Whatever context the reviewer needs to effectively review the patchset; if the patch includes UX updates be sure to include screenshots/video of how any new behaviour -->
The exclusions prevent breaking features like media controls and could possibly be improved.
The patch can be tested with https://arkenfox.github.io/TZP/tests/chrome.htmlcypherpunks1cypherpunks1