Skip to content

Bug 42160: Allow specifying a TOR_PROVIDER=none to configure only the proxy settings during the TorProviderBuilder initialization.

Merge Info

Related Issues



  • Immediate: patchset needed as soon as possible
  • Next Minor Stable Release: patchset that needs to be verified in nightly before backport
  • Eventually: patchset that needs to be verified in alpha before backport
  • No Backport (preferred): patchset for the next major stable

(Optional) Justification

  • Emergency security update: patchset fixes CVEs, 0-days, etc
  • Censorship event: patchset enables censorship circumvention
  • Critical bug-fix: patchset fixes a bug in core-functionality
  • Consistency: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
  • Sponsor required: patchset required for sponsor
  • Other: please explain


  • Merge to tor-browser - !fixups to tor-browser-specific commits, new features, security backports
  • Merge to base-browser - !fixups to base-browser-specific commits, new features to be shared with mullvad-browser, and security backports
    • NOTE: if your changeset includes patches to both base-browser and tor-browser please clearly label in the change description which commits should be cherry-picked to base-browser after merging

Issue Tracking


Request Reviewer

  • Request review from an applications developer depending on modified system:
    • NOTE: if the MR modifies multiple areas, please /cc all the relevant reviewers (since gitlab only allows 1 reviewer)
    • accessibility : henry
    • android : clairehurst, dan
    • build system : boklm
    • extensions : ma1
    • firefox internals (XUL/JS/XPCOM) : ma1
    • fonts : pierov
    • frontend (implementation) : henry
    • frontend (review) : donuts, richard
    • localization : henry, pierov
    • macos : clairehurst, dan
    • nightly builds : boklm
    • rebases/release-prep : dan, ma1, pierov, richard
    • security : ma1
    • signing : boklm, richard
    • updater : pierov
    • misc/other : pierov, richard

Change Description

In the refactor of the Tor integration, I missed a possible scenario: no control port, but environment variables to configure the SOCKS port.

However, I don't think it makes sense to build a TorProvider for that, since it expects to be connected to a control port.

Instead, we could start already to differentiate on channels.

I'd like to create a pref for that, but I didn't know how to call it, and I think we could wait for when we also have Arti to include it and do a rework on all the legacy prefs to be coherent.

For a similar reason, I only glued together the thing in TorLauncherUtil.shouldStartAndOwnTor, but I'd like to remove this method altogether when we also rework TorConnect and TorSettings.

How Tested

  1. Checked that opening Tor Browser normally still results in an error if tor exits (e.g., because another process is still listening on the specified ports)
  2. Checked that killing tor still makes the prompt work
  3. Checked that opening two Tor Browsers (different profiles) and specifying TOR_PROVIDER=none to the patched one skips about:torconnect and makes the warning appear in about:tor. At that point check that says we're behind Tor
  4. Check that opening two Tor Browsers like 3 but with custom SOCKS ports work. Also check that the SOCKS configuration is updated in both in about:config
  5. After restoring the default configuration in the patched Tor Browser, do a test like 4., but without specifying the custom configuration to Tor Browser. Check that the patched Tor Browser fails to connect because of a proxy refusing

Merge request reports