(Also removes a dot from aboutTor.donationBanner.slogan)

Improve the overview/summary comment in external-app-blocker.js.

Arthur Edelstein authored Aug 22, 2017 and Georg Koppen committed Aug 23, 2017

When the browser window is maximized, we show users a notification
warning that maximizing the screen is fingerprintable. We should
show this warning when the window enters fullscreen mode as well.
This change is especially important for macOS, which uses
window.STATE_FULLSCREEN instead of window.STATE_MAXIMIZED when
the user clicks the "maximize" button on the window title bar.

Arthur Edelstein authored Aug 14, 2017 and Georg Koppen committed Aug 23, 2017

Before this patch, a new Tor Browser window, non-maximized,
was showing a "don't maximize this window" notification briefly
as soon as it was first displayed. Worse, the notification box
that appears causes the window height to increase by 10 or 11
pixels and thus breaks our desired window dimension rounding.

Our intended behavior is that this notification only be shown
when the window is maximized by the user. I discovered that,
on macOS, windowState === window.STATE_MAXIMIZED for a short
time when the window is first created. Then it rapidly changes
to windowState === window.STATE_NORMAL. So I added a `setTimeout`
promise to postpone checking the window size until after
window creation "settles" and that seems to be enough to ensure
we avoid showing the spurious notification box at window
creation.

Also fixes Bug 22543, "Tor Browser 7.0 shows window
resize warning on every new window for a few seconds". And
fixes issues raised in comments 2 and 3 in that ticket as well.

Kathleen Brade authored Jul 20, 2017 and Georg Koppen committed Aug 04, 2017

For compatibility with recent changes to our browser patch, change the
external app blocker module so it implements the new nsIHelperAppWarningDialog
interface. Since the external app blocker module is no longer a service,
split the drag and drop filter into a separate component (which remains a
service).

Kathleen Brade authored Jul 12, 2017 and Georg Koppen committed Aug 01, 2017

Automatically adjust the height of the Security Settings window so that
no scrollbar is needed. Also, add 100 pixels to the width and increase
maxheight and maxwidth to give users more flexibility when they choose to
manually resize the window.

Rearchitect our implementation so that about:tor pages are always
loaded in a content process. This also fixes:
  Bug 22535: Searching brings me to duckduckgo but my query is discarded.
  Bug 21948: Going back to about:tor page gives "Address isn't valid" error.

Most of the code that initializes and updates about:tor content has
been moved to a content script. When necessary, IPC is used to pass
data from the chrome process to the content script.

Removed old, no-longer-used m_tb_orig_BrowserOnAboutPageLoad variable
from torbutton.js.

Also, update the about:tor newChannel() implementation to accept an
nsILoadInfo parameter.

In commit 2978978e we hinted at updating
`privacy.thirdparty.isolate` once we switch to ESR 52. We forgot that
while migrating but replace it now with `privacy.firstparty.isolate` as
expected.

We remove `dom.workers.sharedWorkers.enabled` as this preference is long
gone.

Mozilla made the Battery API chrome-only
(https://bugzilla.mozilla.org/show_bug.cgi?id=1313580). We therefore
don't need to take care of it anymore in Torbutton.

Increase the height of the security slider description area to
avoid a scrollbar on macOS 10.12 (previously, the text associated
with the "High" level required a scrollbar).

Kathleen Brade authored Jun 01, 2017 and Georg Koppen committed Jun 02, 2017

Fix problems with missing video playback controls and missing scrollbars.
Use a regex solution to allow access to all png images, svg images,
and css files under chrome://global/skin/media.

Instead of whitelisting single resources for view-source requests that
might allow platform detection we allow all of those that are needed by
requests with a view-source origin. This should be safe now that
https://bugzilla.mozilla.org/show_bug.cgi?id=1172165 landed.

Avoid noise on the error console when a page is reloaded. Since 304
responses do not have Location headers, it is safe to ignore such
responses inside our http-on-examine-response observer.

Load our content policy module as a process script instead of as a component
so that our nsIContentPolicy filter runs in content processes.

Our http-on-examine-response code that blocks redirects to internal URLs
must continue to run in the chrome process only.

It turns out that the JIT *.content prefs are gone for a while now. This
happened in https://bugzilla.mozilla.org/show_bug.cgi?id=939562 and the
patch updates the security slider to take this into account. We got the
tip to include `javascript.options.native_regexp` as well.

`javascript.options.typeinference` is gone with
https://bugzilla.mozilla.org/show_bug.cgi?id=972817 and we therefore
remove it. And asm.js is disabled globally until we find a good solution
for #19417.

The tooltip text got updated accordingly.

This reverts commit 1b7ce9f5. We did
not backport Mozilla's patch which uses the new preference. Thus we need
to stick to the old one for now.

Closes #21885.

Arthur Edelstein authored Mar 17, 2017 and Georg Koppen committed Apr 04, 2017

Also, make sure we renew catchall "--unknown--" domain if user chooses
"New Tor Circuit" for about:addons, for example.

Kathleen Brade authored Feb 08, 2017 and Georg Koppen committed Apr 04, 2017

Ignore "not available" errors from appCacheStorage.asyncEvictStorage()
since these can occur if the cache has not been used yet.

Change torbutton_close_tabs_on_new_identity() to use browser.removeTab()
instead of browser.contentWindow.close() since we cannot directly access
the contentWindow when multi-process mode is enabled.

Fix indentation and modernize the torbutton_close_tabs_on_new_identity()
code.

Kathleen Brade authored Feb 09, 2017 and Georg Koppen committed Apr 04, 2017

Also, use Cc, Ci, and Cr inside torbutton_resizelistener.

Version bump, and CHANGELOG update