Commit 1e199b8a authored by Mike Perry's avatar Mike Perry
Browse files

Sort prefs. Add support for firefox 3.0rc1: fixes bugs around
history leakage and hooks; sets additional prefs to disabale
history disk writes with places; fixes crash recovery and
other hooks; sets new useragent spoofing prefs.

Timezone spoofing currently NOT SUPPORTED in Firefox 3.0.



svn:r14731
parent 51f36abd
......@@ -105,7 +105,7 @@ window.__HookObjects = function() {
// We can't define individual getters/setters for window.screen
// for some reason. works in html but not in these hooks.. No idea why
var scr = new window.Object();
var scr = new Object();
var origScr = window.screen;
scr.__defineGetter__("height", function() { return window.innerHeight; });
scr.__defineGetter__("width", function() { return window.innerWidth; });
......@@ -139,6 +139,8 @@ window.__HookObjects = function() {
}
if(window.__tb_hook_date == true) { // don't feel like indenting this
/* Timezone fix for http://gemal.dk/browserspy/css.html */
var reparseDate = function(d, str) {
/* Rules:
......@@ -301,7 +303,10 @@ window.__HookObjects = function() {
with(window) {
var Date = newWrappedDate;
}
} // window.__tb_hook_date == true
with(window) {
XPCNativeWrapper = function(a) { return a; };
}
......
......@@ -330,17 +330,38 @@ function torbutton_prefs_reset_defaults() {
var tmpcnt = new Object();
var children;
var i;
var was_enabled = false;
torbutton_log(3, "Starting Pref reset");
// FIXME: change this to handle people with non-default proxy settings
// 0. Disable tor
// 1. Clear proxy settings
// 2. Restore saved prefs
// 3. Clear torbutton settings
// 4. Enable tor if was previously enabled
// Reset Tor state to disabled.
var wm = Components.classes["@mozilla.org/appshell/window-mediator;1"]
.getService(Components.interfaces.nsIWindowMediator);
var chrome = wm.getMostRecentWindow("navigator:browser");
// XXX Warning: The only reason this works is because of Firefox's
// threading model. As soon as a pref is changed, all observers
// are notified by that same thread, immediately. Since torbutton's
// security state is driven by proxy pref observers, this
// causes everything to be reset in a linear order. If firefox
// ever makes pref observers asynchonous, this will all break.
if(o_torprefs.getBoolPref("tor_enabled")) {
chrome.torbutton_disable_tor();
was_enabled = true;
}
torbutton_log(3, "Tor disabled for pref reset");
// XXX: Some of these are torbutton state variables that should NOT
// be reset!
children = o_torprefs.getChildList("" , tmpcnt);
for(i = 0; i < children.length; i++) {
torbutton_log(5, "Preferences reset: "+children[i]);
if(o_torprefs.prefHasUserValue(children[i]))
o_torprefs.clearUserPref(children[i]);
}
......@@ -350,6 +371,12 @@ function torbutton_prefs_reset_defaults() {
if(o_proxyprefs.prefHasUserValue(children[i]))
o_proxyprefs.clearUserPref(children[i]);
}
torbutton_log(3, "Prefs reset");
if(was_enabled) {
chrome.torbutton_enable_tor();
}
torbutton_log(5, "Preferences reset to defaults");
torbutton_prefs_init(window.document);
......
......@@ -13,6 +13,8 @@ var m_tb_is_main_window = false;
var m_tb_window_height = 0;
var m_tb_window_width = 0;
var m_tb_ff3 = false;
var torbutton_window_pref_observer =
{
register: function()
......@@ -118,7 +120,6 @@ var torbutton_unique_pref_observer =
case "extensions.torbutton.set_uagent":
// If the user turns off the pref, reset their user agent to
// vanilla
// XXX: Update this with new prefs from greg's patch.
if(!m_tb_prefs.getBoolPref("extensions.torbutton.set_uagent")) {
if(m_tb_prefs.prefHasUserValue("general.appname.override"))
m_tb_prefs.clearUserPref("general.appname.override");
......@@ -132,6 +133,15 @@ var torbutton_unique_pref_observer =
m_tb_prefs.clearUserPref("general.useragent.vendorSub");
if(m_tb_prefs.prefHasUserValue("general.platform.override"))
m_tb_prefs.clearUserPref("general.platform.override");
// XXX: Is this ok on ff2?
if(m_tb_prefs.prefHasUserValue("general.oscpu.override"))
m_tb_prefs.clearUserPref("general.oscpu.override");
if(m_tb_prefs.prefHasUserValue("general.buildID.override"))
m_tb_prefs.clearUserPref("general.buildID.override");
if(m_tb_prefs.prefHasUserValue("general.productSub.override"))
m_tb_prefs.clearUserPref("general.productSub.override");
} else {
torbutton_log(1, "Got update message, updating status");
torbutton_update_status(
......@@ -247,6 +257,18 @@ function torbutton_init_toolbutton(event)
function torbutton_init() {
torbutton_log(3, 'called init()');
// Determine if we are firefox 3 or not.
var appInfo = Components.classes["@mozilla.org/xre/app-info;1"]
.getService(Components.interfaces.nsIXULAppInfo);
var versionChecker = Components.classes["@mozilla.org/xpcom/version-comparator;1"]
.getService(Components.interfaces.nsIVersionComparator);
if(versionChecker.compare(appInfo.version, "3.0a1") >= 0) {
m_tb_ff3 = true;
} else {
m_tb_ff3 = false;
}
// initialize preferences before we start our prefs observer
torbutton_init_prefs();
......@@ -546,6 +568,16 @@ function torbutton_update_status(mode, force_update) {
m_tb_prefs.setCharPref("general.useragent.vendorSub",
torprefs.getCharPref("useragent_vendorSub"));
m_tb_prefs.setCharPref("general.oscpu.override",
torprefs.getCharPref("oscpu_override"));
m_tb_prefs.setCharPref("general.buildID.override",
torprefs.getCharPref("buildID_override"));
m_tb_prefs.setCharPref("general.productSub.override",
torprefs.getCharPref("productsub_override"));
} catch(e) {
torbutton_log(5, "Prefset error");
}
......@@ -563,6 +595,14 @@ function torbutton_update_status(mode, force_update) {
m_tb_prefs.clearUserPref("general.useragent.vendorSub");
if(m_tb_prefs.prefHasUserValue("general.platform.override"))
m_tb_prefs.clearUserPref("general.platform.override");
// XXX: Is this ok on ff2?
if(m_tb_prefs.prefHasUserValue("general.oscpu.override"))
m_tb_prefs.clearUserPref("general.oscpu.override");
if(m_tb_prefs.prefHasUserValue("general.buildID.override"))
m_tb_prefs.clearUserPref("general.buildID.override");
if(m_tb_prefs.prefHasUserValue("general.productSub.override"))
m_tb_prefs.clearUserPref("general.productSub.override");
} catch (e) {
// This happens because we run this from time to time
torbutton_log(3, "Prefs already cleared");
......@@ -634,9 +674,11 @@ function torbutton_update_status(mode, force_update) {
// so no need to keep it around for someone to rifle through.
m_tb_prefs.setBoolPref("browser.cache.disk.enable", !mode);
// Disable safebrowsing in Tor. It fetches some info in cleartext
// with no HMAC (Firefox Bug 360387)
m_tb_prefs.setBoolPref("browser.safebrowsing.enabled", !mode);
// Disable safebrowsing in Tor for FF2. It fetches some info in
// cleartext with no HMAC (Firefox Bug 360387)
if(!m_tb_ff3) {
m_tb_prefs.setBoolPref("browser.safebrowsing.enabled", !mode);
}
// I think this pref is evil (and also hidden from user configuration,
// which makes it extra evil) and so therefore am disabling it
......@@ -679,8 +721,17 @@ function torbutton_update_status(mode, force_update) {
// to keep their own prefs.. Not sure what to do though..
if(mode) {
if(torprefs.getBoolPref('block_thwrite')) {
if(m_tb_ff3) {
m_tb_prefs.setIntPref("browser.history_expire_days", 0);
}
m_tb_prefs.setIntPref("browser.download.manager.retention", 0);
} else {
if(m_tb_ff3) {
// XXX: save user value..
if(m_tb_prefs.prefHasUserValue("browser.history_expire_days")) {
m_tb_prefs.clearUserPref("browser.history_expire_days");
}
}
m_tb_prefs.setIntPref("browser.download.manager.retention", 2);
}
......@@ -693,8 +744,17 @@ function torbutton_update_status(mode, force_update) {
}
} else {
if(torprefs.getBoolPref('block_nthwrite')) {
if(m_tb_ff3) {
m_tb_prefs.setIntPref("browser.history_expire_days", 0);
}
m_tb_prefs.setIntPref("browser.download.manager.retention", 0);
} else {
if(m_tb_ff3) {
// XXX: save user value..
if(m_tb_prefs.prefHasUserValue("browser.history_expire_days")) {
m_tb_prefs.clearUserPref("browser.history_expire_days");
}
}
m_tb_prefs.setIntPref("browser.download.manager.retention", 2);
}
......@@ -713,17 +773,17 @@ function torbutton_update_status(mode, force_update) {
if(mode) {
if(changed && m_tb_prefs.prefHasUserValue("plugin.disable_full_page_plugin_for_types")) {
// Update saved plugin pref
torprefs.setCharPref("saved_full_page_plugins",
torprefs.setCharPref("saved.full_page_plugins",
m_tb_prefs.getCharPref("plugin.disable_full_page_plugin_for_types"));
}
// copy plugins array to pref
m_tb_prefs.setCharPref("plugin.disable_full_page_plugin_for_types",
m_tb_plugin_string);
} else {
if(torprefs.prefHasUserValue("saved_full_page_plugins")) {
if(torprefs.prefHasUserValue("saved.full_page_plugins")) {
// restore saved pref
m_tb_prefs.setCharPref("plugin.disable_full_page_plugin_for_types",
torprefs.getCharPref("saved_full_page_plugins"));
torprefs.getCharPref("saved.full_page_plugins"));
} else {
m_tb_prefs.clearUserPref("plugin.disable_full_page_plugin_for_types");
}
......@@ -734,6 +794,31 @@ function torbutton_update_status(mode, force_update) {
if(!changed && force_update)
return;
if(mode) {
// Disable livemark fetching on FF3
// XXX: save user pref
m_tb_prefs.setIntPref("browser.bookmarks.livemark_refresh_seconds", 0);
} else {
if(m_tb_prefs.prefHasUserValue("plugin.disable_full_page_plugin_for_types")) {
m_tb_prefs.clearUserPref("browser.bookmarks.livemark_refresh_seconds");
}
}
/*
* XXX: Windows doesn't call tzset() automatically.. Linux and MacOS
* both do though.. :(
var environ = Components.classes["@mozilla.org/process/environment;1"]
.getService(Components.interfaces.nsIEnvironment);
if(mode) {
torbutton_log(2, "Setting timezone to UTC");
environ.set("TZ", "UTC");
} else {
torbutton_log(2, "Unsetting timezone.");
environ.set("TZ", "PST+7:00");
}
*/
// This call also has to be here for 3rd party proxy changers.
torbutton_close_on_toggle(mode);
......@@ -1567,8 +1652,10 @@ observe : function(subject, topic, data) {
if(m_tb_prefs.prefHasUserValue("browser.safebrowsing.remoteLookups"))
m_tb_prefs.clearUserPref("browser.safebrowsing.remoteLookups");
if(m_tb_prefs.prefHasUserValue("network.security.ports.banned"))
m_tb_prefs.clearUserPref("network.security.ports.banned");
if(!m_tb_ff3) {
if(m_tb_prefs.prefHasUserValue("network.security.ports.banned"))
m_tb_prefs.clearUserPref("network.security.ports.banned");
}
}
if((m_tb_prefs.getIntPref("extensions.torbutton.shutdown_method") == 1 &&
......@@ -1995,17 +2082,30 @@ function torbutton_hookdoc(win, doc) {
// the insertion function returning before the injected code is evaluated.
// This code seems to do what we want.
var str2 = "window.__tb_set_uagent="+m_tb_prefs.getBoolPref('extensions.torbutton.set_uagent')+";\r\n";
str2 += "window.__tb_oscpu=\""+m_tb_prefs.getCharPref('extensions.torbutton.oscpu_override')+"\";\r\n";
str2 += "window.__tb_platform=\""+m_tb_prefs.getCharPref('extensions.torbutton.platform_override')+"\";\r\n";
str2 += "window.__tb_productSub=\""+m_tb_prefs.getCharPref('extensions.torbutton.productsub_override')+"\";\r\n";
var str2 = "";
if(m_tb_ff3) {
str2 += "window.__tb_set_uagent=false;\r\n";
str2 += "window.__tb_hook_date=false;\r\n";
} else {
str2 += "window.__tb_hook_date=true;\r\n";
str2 += "window.__tb_set_uagent="+m_tb_prefs.getBoolPref('extensions.torbutton.set_uagent')+";\r\n";
str2 += "window.__tb_oscpu=\""+m_tb_prefs.getCharPref('extensions.torbutton.oscpu_override')+"\";\r\n";
str2 += "window.__tb_platform=\""+m_tb_prefs.getCharPref('extensions.torbutton.platform_override')+"\";\r\n";
str2 += "window.__tb_productSub=\""+m_tb_prefs.getCharPref('extensions.torbutton.productsub_override')+"\";\r\n";
}
str2 += m_tb_jshooks;
try {
torbutton_log(2, "Type of window: " + typeof(win));
torbutton_log(2, "Type of wrapped window: " + typeof(win.wrappedJSObject));
var s = new Components.utils.Sandbox(win.wrappedJSObject);
s.window = win.wrappedJSObject;
// XXX: FF3 issues
// http://developer.mozilla.org/en/docs/XPConnect_wrappers#XPCSafeJSObjectWrapper
// http://developer.mozilla.org/en/docs/Code_snippets:Interaction_between_privileged_and_non-privileged_pages
s.window = win.wrappedJSObject;
// s.__proto__ = win.wrappedJSObject;
//var result = Components.utils.evalInSandbox('var origDate = Date; window.alert(new origDate())', s);
//result = 23;
var result = Components.utils.evalInSandbox(str2, s);
if(result === 23) { // secret confirmation result code.
torbutton_log(3, "Javascript hooks applied successfully at: " + win.location);
......
......@@ -83,9 +83,7 @@ CertDialogsWrapper.prototype =
var call;
if(params.length) call = "("+params.join().replace(/(?:)/g,function(){return "p"+(++x)})+")";
else call = "()";
var fun = "function "+call+"{if (arguments.length < "+wrapped[method].length+") throw Components.results.NS_ERROR_XPC_NOT_ENOUGH_ARGS; return wrapped."+method+".apply(wrapped, arguments);}";
// already in scope
//var Components = this.Components;
var fun = "(function "+call+"{if (arguments.length < "+wrapped[method].length+") throw Components.results.NS_ERROR_XPC_NOT_ENOUGH_ARGS; return wrapped."+method+".apply(wrapped, arguments);})";
newObj[method] = eval(fun);
//dump("wrapped: "+method+": "+fun+"\n");
} else {
......@@ -99,6 +97,7 @@ CertDialogsWrapper.prototype =
},
confirmDownloadCACert: function(ctx, cert, trust) {
this.logger.log(2, "Cert window");
if(this._prefs.getBoolPref("extensions.torbutton.block_cert_dialogs")) {
this.logger.log(3, "Blocking cert window");
return true;
......
......@@ -90,7 +90,7 @@ StoreWrapper.prototype =
var x = 0;
if(params.length) call = "("+params.join().replace(/(?:)/g,function(){return "p"+(++x)})+")";
else call = "()";
var fun = "function "+call+"{if (arguments.length < "+wrapped[method].length+") throw Components.results.NS_ERROR_XPC_NOT_ENOUGH_ARGS; return wrapped."+method+".apply(wrapped, arguments);}";
var fun = "(function "+call+"{if (arguments.length < "+wrapped[method].length+") throw Components.results.NS_ERROR_XPC_NOT_ENOUGH_ARGS; return wrapped."+method+".apply(wrapped, arguments);})";
// already in scope
//var Components = this.Components;
newObj[method] = eval(fun);
......@@ -119,6 +119,9 @@ StoreWrapper.prototype =
doRestore: function() {
var ret = false;
// FIXME: This happens right after an extension upgrade too. But maybe
// that's what we want.
// This is so lame. But the exposed API is braindead so it
// must be hacked around
dump("new doRestore\n");
......
......@@ -123,8 +123,19 @@ HistoryWrapper.prototype =
* Copies methods from the true history object we are wrapping
*/
copyMethods: function(wrapped) {
// XXX: "Not all histories implement all methods"? wtf?? It's a
// damned service. how are there more than one?
// - http://developer.mozilla.org/en/docs/nsIGlobalHistory3
var mimic = function(newObj, method) {
if(typeof(wrapped[method]) == "function") {
if(method == "getURIGeckoFlags" || method == "setURIGeckoFlags") {
// Hack to deal with unimplemented methods.
// XXX: the API docs say to RETURN the not implemented error
// for these functions as opposed to throw.. Also,
// what other "histories" actually DO implement these functions?
// Did we just break them somehow?
var fun = "(function (){return Components.results.NS_ERROR_NOT_IMPLEMENTED; })";
newObj[method] = eval(fun);
} else if(typeof(wrapped[method]) == "function") {
// Code courtesy of timeless:
// http://www.webwizardry.net/~timeless/windowStubs.js
var params = [];
......@@ -133,11 +144,8 @@ HistoryWrapper.prototype =
var call;
if(params.length) call = "("+params.join().replace(/(?:)/g,function(){return "p"+(++x)})+")";
else call = "()";
var fun = "function "+call+"{if (arguments.length < "+wrapped[method].length+") throw Components.results.NS_ERROR_XPC_NOT_ENOUGH_ARGS; return wrapped."+method+".apply(wrapped, arguments);}";
// already in scope
//var Components = this.Components;
var fun = "(function "+call+"{if (arguments.length < "+wrapped[method].length+") throw Components.results.NS_ERROR_XPC_NOT_ENOUGH_ARGS; return wrapped."+method+".apply(wrapped, arguments);})";
newObj[method] = eval(fun);
//dump("wrapped: "+method+": "+fun+"\n");
} else {
newObj.__defineGetter__(method, function() { return wrapped[method]; });
newObj.__defineSetter__(method, function(val) { wrapped[method] = val; });
......
// pref("extensions.torbutton.prompt_before_visiting_excluded_sites",true);
// debug prefs
pref("extensions.torbutton.debug",true);
pref("extensions.torbutton.loglevel",4);
pref("extensions.torbutton.logmethod",2); // 0=stdout, 1=errorconsole, 2=debuglog
// Display prefs
pref("extensions.torbutton.display_panel",true);
pref("extensions.torbutton.panel_style",'text');
pref("extensions.{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}.description", "chrome://torbutton/locale/torbutton.properties");
// proxy prefs
pref("extensions.torbutton.settings_method",'recommended');
pref("extensions.torbutton.use_privoxy",true);
pref("extensions.torbutton.http_proxy","");
......@@ -16,6 +21,9 @@ pref("extensions.torbutton.gopher_proxy","");
pref("extensions.torbutton.gopher_port",0);
pref("extensions.torbutton.socks_host","");
pref("extensions.torbutton.socks_port",0);
// XXX: wtf prefs? These seem not actually connected, but govern
// if user wants own tor proxy settings
pref("extensions.torbutton.custom.http_proxy","");
pref("extensions.torbutton.custom.http_port",0);
pref("extensions.torbutton.custom.https_proxy","");
......@@ -26,6 +34,8 @@ pref("extensions.torbutton.custom.gopher_proxy","");
pref("extensions.torbutton.custom.gopher_port",0);
pref("extensions.torbutton.custom.socks_host","");
pref("extensions.torbutton.custom.socks_port",0);
// saved prefs:
pref("extensions.torbutton.saved.type", 0);
pref("extensions.torbutton.saved.http_proxy", "");
pref("extensions.torbutton.saved.http_port",0);
......@@ -39,10 +49,16 @@ pref("extensions.torbutton.saved.socks_host","");
pref("extensions.torbutton.saved.socks_version",0);
pref("extensions.torbutton.saved.socks_port",0);
pref("extensions.torbutton.saved.cookieLifetime",0);
pref("extensions.{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}.description", "chrome://torbutton/locale/torbutton.properties");
// XXX: Hrmm, what is the convention for above? do some of these belong in
// 'saved'?
pref("extensions.torbutton.saved.full_page_plugins","");
// State prefs:
pref("extensions.torbutton.tor_enabled",false);
pref("extensions.torbutton.startup",false);
pref("extensions.torbutton.crashed",false);
pref("extensions.torbutton.block_cert_dialogs",false);
pref("extensions.torbutton.asked_ca_disable",false);
// Security prefs:
pref("extensions.torbutton.no_tor_plugins",true);
pref("extensions.torbutton.clear_cookies",false);
pref("extensions.torbutton.cookie_jars",true);
......@@ -71,25 +87,23 @@ pref("extensions.torbutton.disable_referer",false);
pref("extensions.torbutton.shutdown_method",1); // 0=none, 1=tor, 2=all
pref("extensions.torbutton.block_tforms",true);
pref("extensions.torbutton.block_ntforms",false);
pref("extensions.torbutton.startup",false);
pref("extensions.torbutton.crashed",false);
pref("extensions.torbutton.clear_http_auth",true);
pref("extensions.torbutton.close_tor",false);
pref("extensions.torbutton.close_nontor",false);
pref("extensions.torbutton.block_js_history",true);
pref("extensions.torbutton.resize_on_toggle",true);
pref("extensions.torbutton.banned_ports","8118,8123,9050,9051");
pref("extensions.torbutton.block_file_net",true);
pref("extensions.torbutton.jar_certs",false);
pref("extensions.torbutton.jar_ca_certs",false);
// User agent prefs:
pref("extensions.torbutton.appname_override","Netscape");
pref("extensions.torbutton.appversion_override","5.0 (Windows; en-US)");
pref("extensions.torbutton.platform_override","Win32");
pref("extensions.torbutton.oscpu_override", "Windows NT 5.1");
pref("extensions.torbutton.useragent_override", "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14");
pref("extensions.torbutton.productsub_override","20080404");
pref("extensions.torbutton.buildID_override","0");
pref("extensions.torbutton.useragent_vendor", "");
pref("extensions.torbutton.useragent_vendorSub","");
pref("extensions.torbutton.banned_ports","8118,8123,9050,9051");
pref("extensions.torbutton.block_file_net",true);
pref("extensions.torbutton.jar_certs",false);
pref("extensions.torbutton.jar_ca_certs",false);
pref("extensions.torbutton.asked_ca_disable",false);
pref("extensions.torbutton.block_cert_dialogs",false);
pref("extensions.torbutton.saved_full_page_plugins","");
......@@ -6,7 +6,7 @@
<em:name>Torbutton</em:name>
<em:creator>Scott Squires &amp; Mike Perry</em:creator>
<em:id>{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}</em:id>
<em:version>1.1.18alpha</em:version>
<em:version>1.1.18alpha-dev</em:version>
<em:homepageURL>https://torbutton.torproject.org/dev/</em:homepageURL>
<em:optionsURL>chrome://torbutton/content/preferences.xul</em:optionsURL>
<em:iconURL>chrome://torbutton/skin/tor.png</em:iconURL>
......@@ -16,7 +16,7 @@
<Description>
<em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id>
<em:minVersion>2.0</em:minVersion>
<em:maxVersion>3.0b5</em:maxVersion>
<em:maxVersion>3.1a1pre</em:maxVersion>
</Description>
</em:targetApplication>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment