Draft: BB 29745: Block requests to chrome://*/locale with spoof English.

Merge Info

Issues

Resolves

  • tor-browser#xxxxx
  • mullvad-browser#xxxxx
  • tor-browser-build#xxxxx

Related

  • #29745
  • mullvad-browser#xxxxx
  • tor-browser-build#xxxxx

Merging

Target Branches

  • tor-browser - !fixups to tor-browser-specific commits, new features, security backports
  • base-browser and mullvad-browser - !fixups to base-browser-specific commits, new features to be shared with mullvad-browser, and security backports
    • ⚠️ IMPORTANT: Please list the base-browser-specific commits which need to be cherry-picked to the base-browser and mullvad-browser branches here

Target Channels

  • Alpha: esr128-14.5
  • Stable: esr128-14.0
  • Legacy: esr115-13.5

Backporting

Timeline

  • No Backport (preferred): patchset for the next major stable
  • Immediate: patchset needed as soon as possible (fixes CVEs, 0-days, etc)
  • Next Minor Stable Release: patchset that needs to be verified in nightly before backport
  • Eventually: patchset that needs to be verified in alpha before backport

(Optional) Justification

  • Security update: patchset contains a security fix (be sure to select the correct item in Timeline)
  • Censorship event: patchset enables censorship circumvention
  • Critical bug-fix: patchset fixes a bug in core-functionality
  • Consistency: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
  • Sponsor required: patchset required for sponsor
  • Localization: typos and other localization changes that should be also in the release branch
  • Other: please explain

Upstream

  • Patchset is a candidate for uplift to Firefox
  • Patchset is a backport from Firefox
    • Bugzilla link:
    • Upstream commit:

Issue Tracking

Review

Request Reviewer

  • Request review from an applications developer depending on modified system:
    • NOTE: if the MR modifies multiple areas, please /cc all the relevant reviewers (since Gitlab only allows 1 reviewer)
    • accessibility : henry
    • android : clairehurst, dan
    • build system : boklm
    • extensions : ma1
    • firefox internals (XUL/JS/XPCOM) : jwilde, ma1
    • fonts : pierov
    • frontend (implementation) : henry
    • frontend (review) : donuts, morgan
    • localization : henry, pierov
    • macOS : clairehurst, dan
    • nightly builds : boklm
    • rebases/release-prep : dan, ma1, pierov, morgan
    • security : jwilde, ma1
    • signing : boklm, morgan
    • updater : pierov
    • windows : jwilde, morgan
    • misc/other : pierov, morgan

Change Description

Make sure chrome://*/locale URLs are blocked when spoof English is enabled.

Also, don't try to use intl.css in XML error pages when spoof English is enabled (the default CSS from en-US doesn't apply to those pages, and it isn't available on localized builds of Firefox).

This isn't a fixup to the similar patch for branding resources as I'd like to possibly upstream this.

How Tested

  1. Customized intl.css, and checked that with spoof English I don't get any customization, while without it I get a blue page (see below)
  2. Checked that the chrome://.../locale/... request starting from https://arkenfox.github.io/TZP/tests/chrome.html fails (I did it with printf).

I couldn't catch other requests (e.g., for our own .properties files), so I believe this won't block all leaks (in particular, those we get with StringBundles)...

diff --git a/toolkit/locales/en-US/chrome/global/intl.css b/toolkit/locales/en-US/chrome/global/intl.css
index 619d865c59b2..466aca2b69a4 100644
--- a/toolkit/locales/en-US/chrome/global/intl.css
+++ b/toolkit/locales/en-US/chrome/global/intl.css
@@ -9,3 +9,7 @@
 window {
   font: 3mm tahoma,arial,helvetica,sans-serif;
 }
+
+parsererror {
+  background-color: blue;
+}
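
Review bot: The `parsererror { background-color: blue; }` rule appended at the end of `toolkit/locales/en-US/chrome/global/intl.css` reads as the test-only customization from step 1 of "How Tested", so please confirm it is not part of the commits to be merged. Since only the en-US copy of intl.css is modified here, it would also help to state which build locale the check was run on, and to consider replacing this manual visual check with an automated test that asserts the stylesheet is not loaded when spoof English is enabled.
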
Edited by Pier Angelo Vendrame
