Bug 41908: Rebased on 102.14

Merge Info

Related Issues

• #41908 (closed)
• #41761 (closed)
• tor-browser-build#40896 (closed)

Backporting

Timeline

• Immediate: patchset needed as soon as possible
• Next Minor Stable Release: patchset that needs to be verified in nightly before backport
• Eventually: patchset that needs to be verified in alpha before backport
• No Backport (preferred): patchset for the next major stable

(Optional) Justification

• Emergency security update: patchset fixes CVEs, 0-days, etc
• Censorship event: patchset enables censorship circumvention
• Critical bug-fix: patchset fixes a bug in core-functionality
• Consistency: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
• Sponsor required: patchset required for sponsor
• Other: branch needed for 12.5.2 stable release

Merging

• Merge to tor-browser - !fixups to tor-browser-specific commits, new features, security backports
• Merge to base-browser - !fixups to base-browser-specific commits, new features to be shared with mullvad-browser, and security backports
  • NOTE: if your changeset includes patches to both base-browser and tor-browser please clearly label in the change description which commits should be cherry-picked to base-browser after merging

Issue Tracking

• Link resolved issues with appropriate Release Prep issue for changelog generation

Review

Request Reviewer

• Request review from an applications developer depending on modified system:
  • NOTE: if the MR modifies multiple areas, please /cc all the relevant reviewers (since gitlab only allows 1 reviewer)
  • accessibility : henry
  • android : dan
  • build system : boklm
  • extensions : ma1
  • firefox internals (XUL/JS/XPCOM) : ma1
  • fonts : pierov
  • frontend (implementation) : henry
  • frontend (review) : donuts, richard
  • localization : henry, pierov
  • nightly builds : boklm
  • rebases/release-prep : dan_b, ma1, pierov, richard
  • security : ma1
  • signing : boklm, richard
  • updater : pierov
  • misc/other : pierov, richard

Change Description

Rebasing 12.5 on 102.14, also cherry-picking a couple of moz bugs on top to tentatively fix #41761 (closed).

Both diff of diffs and range-diff look good.

requested review from @pierov

assigned to @ma1

changed the description

Sorry, there was some miscommunication. For the Moz commits, I'd add them after the other Moz commits (before GK's revert).

4dcf0094 should remain as a fixup until the next rebase.

However, it's so easy that I'm fine with it being already squashed if you want.

The rest is fine .

added 115 commits

• 221d538a...727fa045 - 105 earlier commits
• 08b327da - Bug 40073: Disable remote Public Suffix List fetching
• afcb1096 - Bug 23247: Communicating security expectations for .onion
• 6b54e19c - Bug 30237: Add v3 onion services client authentication prompt
• e3929e2b - Bug 21952: Implement Onion-Location
• cf6691c0 - Bug 40458: Implement .tor.onion aliases
• 5b3767b1 - Bug 11698: Incorporate Tor Browser Manual pages into Tor Browser
• acc4ca36 - Bug 41435: Add a Tor Browser migration function
• b1289fd7 - Bug 40701: Add security warning when downloading a file
• 06025c91 - Bug 41736: Customize toolbar for tor-browser.
• e4d52a1f - Bug 41728: Pin bridges.torproject.org domains to Let's Encrypt's root cert public key

Compare with previous version

resolved all threads

added 115 commits

• e4d52a1f...85a8cd57 - 105 earlier commits
• 2186dc9f - Bug 40073: Disable remote Public Suffix List fetching
• be276c79 - Bug 23247: Communicating security expectations for .onion
• 66a546bc - Bug 30237: Add v3 onion services client authentication prompt
• d8b841b0 - Bug 21952: Implement Onion-Location
• 3cdda59a - Bug 40458: Implement .tor.onion aliases
• 543c046d - Bug 11698: Incorporate Tor Browser Manual pages into Tor Browser
• f95c3395 - Bug 41435: Add a Tor Browser migration function
• 854cefdf - Bug 40701: Add security warning when downloading a file
• 5e05c47b - Bug 41736: Customize toolbar for tor-browser.
• 8e3f2266 - Bug 41728: Pin bridges.torproject.org domains to Let's Encrypt's root cert public key

Compare with previous version

marked this merge request as draft

added 116 commits

• 8e3f2266...90fefc2a - 106 earlier commits
• 8db157b0 - Bug 40073: Disable remote Public Suffix List fetching
• e9a16e05 - Bug 23247: Communicating security expectations for .onion
• 55675a15 - Bug 30237: Add v3 onion services client authentication prompt
• bb22ce38 - Bug 21952: Implement Onion-Location
• 9d8c5bda - Bug 40458: Implement .tor.onion aliases
• 29f22cba - Bug 11698: Incorporate Tor Browser Manual pages into Tor Browser
• 08860a4e - Bug 41435: Add a Tor Browser migration function
• 6c1f46dd - Bug 40701: Add security warning when downloading a file
• 44a9f9a8 - Bug 41736: Customize toolbar for tor-browser.
• 855b6979 - Bug 41728: Pin bridges.torproject.org domains to Let's Encrypt's root cert public key

Compare with previous version

approved this merge request

resolved all threads

marked this merge request as ready

merged