1.9.8.1 * Bug 20375: Warn users after entering fullscreen mode * Bug 22989: Fix dimensions of new windows on macOS * Bug 23526: Add 2017 Donation banner text * Bug 23483: Donation banner on about:tor for 2017 (testing mode) * Translations Update 1.9.8 * Bug 22610: Avoid crashes when canceling external helper app related downloads * Bug 22472: Fix FTP downloads when external helper app dialog is shown * Bug 22471: Downloading pdf files via the PDF viewer download button is broken * Bug 22618: Downloading pdf file via file:/// is stalling * Bug 22542: Resize slider window to work without scrollbars * Bug 21999: Fix display of language prompt in non-en-US locales * Bug 18193: Don't let about:tor have chrome privileges * Bug 22535: Search on about:tor discards search query * Bug 21948: Going back to about:tor page gives "Address isn't valid" error * Code clean-up * Translations update 1.9.7.4 * Bug 22542: Security Settings window too small on macOS 10.12 1.9.7.3 * Bug 22104: Adjust our content policy whitelist for ff52-esr * Bug 22457: Allow resources loaded by view-source:// * Bug 21627: Ignore HTTP 304 responses when checking redirects * Bug 22459: Adapt our use of the nsIContentPolicy to e10s mode * Translations update 1.9.7.2 * Bug 21865: Update our JIT preferences in the security slider * Bug 21747: Make 'New Tor Circuit for this Site' work in ESR52 * Bug 21745: Fix handling of catch-all circuit * Bug 21547: Fix circuit display under e10s * Bug 21268: e10s compatibility for New Identity * Bug 21267: Remove window resize implementation for now * Bug 21201: Make Torbutton multiprocess compatible * Translation updates 1.9.7.1 * Bug 21396: Allow leaking of resource/chrome URIs (off by default) * Bug 21574: Add link for zh manual and create manual links dynamically * Bug 21330: Non-usable scrollbar appears in tor browser security settings * Bug 21324: Don't update NoScript button with timer update * Translation updates 1.9.7 * Bug 19898: Use DuckDuckGo on about:tor * Bug 21091: Hide the update check menu entry when running under the sandbox * Bug 21243: Add links to es, fr, and pt Tor Browser manual * Bug 21194: Show snowflake in the circuit display * Bug 21131: Remove 2016 donation banner * Translation updates 1.9.6.12 * Bug 20951: Back out Unix domain socket related patches for Tor Browser 6.5 * Bug 19898: Use DuckDuckGo on about:tor * Bug 21243: Add links to es, fr, and pt Tor Browser manual * Bug 21091: Hide the update check menu entry when running under the sandbox * Bug 21131: Remove 2016 donation banner * Bug 14429: Make sure the automatic resizing is disabled * Translation updates 1.9.6.9 * Bug 20947: Donation banner improvements 1.9.5.13 * Bug 20947: Donation banner improvements 1.9.6.8 * Bug 16622: Timezone spoofing moved to tor-browser.git * Bug 20701: Allow the directory listing stylesheet in the content policy * Bug 20556: Use pt-BR strings from now on * Bug 20614: Add links to Tor Browser User Manual * Bug 20414: Fix non-rendering arrow on OS X * Bug 20728: Fix bad preferences.xul dimensions * Bug 20318: Remove helpdesk link from about:tor * Bug 20753: Remove obsolete StartPage locale strings * Translation updates 1.9.6.7 * Bug 20414: Add donation banner on about:tor for 2016 campaign * Bug 20111: use Unix domain sockets for SOCKS port by default * Bug 19459: Move resizing code to tor-browser.git * Bug 20264: Change security slider to 3 options * Bug 20347: Enhance security slider's custom mode * Bug 20123: Disable remote jar on all security levels * Bug 20244: Move privacy checkboxes to about:preferences#privacy * Bug 17546: Add tooltips to explain our privacy checkboxes * Bug 17904: Allow security settings dialog to resize * Bug 18093: Remove 'Restore Defaults' button * Bug 20373: Prevent redundant dialogs opening * Bug 20388+20399+20394: Code clean-up * Translation updates 1.9.5.12 * Bug 20414: Add donation banner on about:tor for 2016 campaign * Translation updates 1.9.6.4 * Bug 17334: Move referrer spoofing for .onion domains into tor-browser.git * Bug 17767: Make "JavaScript disabled" more visible in Security Slider 1.9.6.2 * Bug 18589: Clear site security settings during New Identity * Bug 19906: "Maximizing Tor Browser" Notification can exist multiple times * Bug 19837: Whitelist internal URLs that Firefox requires for media * Bug 15852: Remove/synchronize Torbutton SOCKS pref logic * Bug 19733: GETINFO response parser doesn't handle AF_UNIX entries + IPv6 * Bug 14271: Make Torbutton work with Unix Domain Socket option * Translation updates 1.9.5.7 * Bug 18589: Clear site security settings during New Identity * Bug 19906: "Maximizing Tor Browser" Notification can exist multiple times 1.9.6.1 * Bug 19206: Avoid SOCKS auth and NEWNYM collisions when sharing a tor client * Bug 19417: Disable asm.js (but add code to clear on New Identity if enabled) * Bug 19689: Plugin usage prompt is parented to wrong window * Bug 19273: Improve external app launch handling and associated warnings * Bug 8725: Block addon resource and url fingerprinting with nsIContentPolicy 1.9.5.6 * Bug 19417: Disable asmjs for now * Bug 19689: Use proper parent windows for plugin prompt 1.9.5.5 * Bug 19417: Clear asmjscache 1.9.6 * Bug 18743: Pref to hide 'Sign in to Sync' button in hamburger menu * Bug 18905: Hide unusable items from help menu * Bug 17599: Provide shortcuts for New Identity and New Circuit * Bug 18980: Remove obsolete toolbar button code * Bug 18238: Remove unused Torbutton code and strings * Translation updates * Code clean-up 1.9.5.4 * Bug 18466: Make Torbutton compatible with Firefox ESR 45 * Bug 18743: Pref to hide 'Sign in to Sync' button in hamburger menu * Bug 18905: Hide unusable items from help menu * Bug 16017: Allow users to more easily set a non-tor SSH proxy * Bug 17599: Provide shortcuts for New Identity and New Circuit * Bug 18980: Remove obsolete toolbar button code * Bug 14429: Make sure the automatic resizing is disabled * Translation updates * Code clean-up 1.9.5.3 * Bug 18466: Make Torbutton compatible with Firefox ESR 45 * Translation updates 1.9.5.2 * Bug 18557: Exempt Graphite preference from Security Slider 1.9.4.5 * Bug 18557: Exempt Graphite preference from Security Slider 1.9.5.1 * Bug 16990: Don't mishandle multiline commands * Bug 18144: about:tor update arrow position is wrong * Bug 16725: Allow resizing with non-default homepage * Bug 16017: Allow users to more easily set a non-tor SSH proxy * Translation updates 1.9.4.4 * Bug 16990: Don't mishandle multiline commands * Bug 18144: about:tor update arrow position is wrong * Bug 16725: Allow resizing with non-default homepage * Translation updates 1.9.5 * Bug 16990: Show circuit display for connections using multi-party channels * Bug 18019: Avoid empty prompt shown after non-en-US update * Bug 18004: Remove Tor fundraising donation banner * Code cleanup * Translation updates 1.9.4.3 * Bug 16990: Show circuit display for connections using multi-party channels * Bug 18019: Avoid empty prompt shown after non-en-US update * Bug 18004: Remove Tor fundraising donation banner * Bug 16940: After update, load local change notes * Bug 17108: Polish about:tor appearance * Bug 17568: Clean up tor-control-port.js * Bug 16620: Move window.name handling into a Firefox patch * Bug 17351: Code cleanup * Translation updates 1.9.4.2 * Bug 16940: After update, load local change notes * Bug 16990: Avoid matching '250 ' to the end of node name * Bug 17108: Polish about:tor appearance * Bug 17565: Tor fundraising campaign donation banner * Bug 17568: Clean up tor-control-port.js * Bug 17770: Fix alignments on donation banner * Bug 17792: Include donation banner in some non en-US Tor Browsers * Translation updates 1.9.4.1 * Bug 9623: Spoof Referer when leaving a .onion domain * Bug 16620: Move window.name handling into a Firefox patch * Bug 17164: Don't show text-select cursor on circuit display * Bug 17351: Remove unused code * Translation updates 1.9.4 * Bug 16937: Don't translate the hompepage/spellchecker dictionary string * Bug 16735: about:tor should accommodate different fonts/font sizes * Bug 16887: Update intl.accept_languages value * Bug 15493: Update circuit display on new circuit info * Bug 16797: brandShorterName is missing from brand.properties * Translation updates 1.9.3.7 * Bug 16990: Avoid matching '250 ' to the end of node name * Bug 17565: Tor fundraising campaign donation banner * Bug 17770: Fix alignments on donation banner * Bug 17792: Include donation banner in some non en-US Tor Browsers * Translation updates 1.9.3.5 * Bug 9623: Spoof Referer when leaving a .onion domain * Bug 16735: about:tor should accommodate different fonts/font sizes * Bug 16937: Don't translate the hompepage/spellchecker dictionary string * Bug 17164: Don't show text-select cursor on circuit display * Bug 17351: Remove unused code * Translation updates 1.9.3.4 * Bug 16887: Update intl.accept_languages value * Bug 15493: Update circuit display on new circuit info * Bug 16797: brandShorterName is missing from brand.properties * Bug 14429: Make sure the automatic resizing is disabled * Translation updates 1.9.3.3 * Bug 14429: Make sure the automatic resizing is enabled 1.9.3.2 * Bug 16731: TBB 5.0 a3/a4 fails to download a file on right click * Bug 16730: Reset NoScript whitelist on upgrade * Bug 16722: Prevent "Tiles" feature from being enabled after upgrade * Bug 16488: Remove "Sign in to Sync" from the browser menu (fixup) * Bug 14429: Make sure the automatic resizing is disabled * Translation updates 1.9.3.1 * Bug 16268: Show Tor Browser logo on About page * Bug 16639: Check for Updates menu item can cause update failure * Bug 15781: Remove the sessionstore filter * Bug 15656: Sync privacy.resistFingerprinting with Torbutton pref 1.9.3.0 * Bug 16427: Use internal update URL * Bug 16200: Update Cache API usage and prefs for FF38 * Bug 16357: Use Mozilla API to wipe permissions db 1.9.2.8 * Bug 16403: Set search parameters for Disconnect * Bug 14429: Make sure the automatic resizing is disabled * Translation updates 1.9.2.7 * Bug 14429: Make sure the automatic resizing is enabled 1.9.2.6 * Bug 15984: Disabling Torbutton breaks the Add-ons Manager * Bug 14429: Make sure the automatic resizing is disabled * Translation updates 1.9.2.5 * Translation updates 1.9.2.4 * Bug 14429: Improved automatic window resizing 1.9.2.3: * Bug 15837: Show descriptions if unchecking custom mode * Bug 15927: Force update of the NoScript UI when changing security level * Bug 15915: Hide circuit display if it is disabled. 1.9.2.2: * Bug 15795: Some security slider prefs do not trigger custom checkbox 1.9.2.1: * Bug 14429: Disable window resizing for now. 1.9.2.0: * Bug 15562: Bind SharedWorkers to thirdparty pref * Bug 15533: Restore default security level when restoring defaults * Bug 15510: Close Tor Circuit UI control port connections on New Identity * Bug 15472: Make node text black in circuit status UI. * Bug 15502: Wipe blob URIs on New Identity 1.9.1.0: * Bug 9387: "Security Slider 1.0" * Include descriptions and tooltip hints for security levels * Notify users that the security slider exists * Flip slider so that "low" is on the bottom * Make use of new SVG and MathML prefs * Bug 13766: Set a 10 minute circuit lifespan for non-content requests * Bug 15460: Ensure FTP urls use content-window circuit isolation * Bug 13650: Clip initial window height to 1000px * Bug 14429: Ensure windows can only be resized to 200x100px multiples * Bug 15334: Display Cookie Protections menu if disk records are enabled * Bug 14324: Show HS circuit in Tor circuit display * Bug 15086: Handle RTL text in Tor circuit display * Bug 15085: Fix about:tor RTL text alignment problems * Bug 10216: Add a pref to disable the local tor control port test * Bug 14937: Show meek and flashproxy bridges in tor circuit display * Bugs 13891+15207: Fix exceptions/errors in circuit display with bridges * Bug 13019: Change locale hiding pref to boolean * Bug 7255: Warn users about maximizing windows * Bug 14631: Improve profile access error msgs (strings). 1.9.0.0 * Bug 13882: Fix display of bridges after bridge settings have been changed * Bug 5698: Use "Tor Browser" branding in "About Tor Browser" dialog * Bug 10280: Strings and pref for preventing plugin initialization. * Bug 14866: Show correct circuit when more than one exists for a given domain * Bug 9442: Add New Circuit button to Torbutton menu * Bug 9906: Warn users before closing all windows and performing new identity. * Bug 8400: Prompt for restart if disk records are enabled/disabled. * Bug 14630: Hide Torbutton's proxy settings tab. * Bug 14632: Disable Cookie Manager until we get it working. * Bug 11175: Remove "About Torbutton" from onion menu. * Bug 13900: Remove SafeCache code. * Bug 14490: Use Disconnect search in about:tor search box * Bug 14392: Don't steal input focus in about:tor search box * Bug 11236: Don't set omnibox order in Torbutton (to prevent translation) * Bug 13406: Stop directing users to download-easy.html.en on update * Bug 9387: Handle "custom" mode better in Security Slider * Bug 12430: Bind jar: pref to Security Slider * Bug 14448: Restore Torbutton menu operation on non-English localizations 1.8.1.3 * Bug 13998: Handle changes in NoScript 2.6.9.8+ * Bug 14100: Option to hide NetworkSettings menuitem * Bug 13079: Option to skip control port verification * Bug 13835: Option to change default Tor Browser homepage * Bug 11449: Fix new identity error if NoScript is not enabled * Bug 13881: Localize strings for tor circuit display * Bug 9387: Incorporate user feedback * Bug 13671: Fixup for circuit display if bridges are used * Translation updates 1.8.1.2 * Bug 13672: Make circuit display optional * Bug 13671: Make bridges visible on circuit display * Bug 9387: Incorporate user feedback * Bug 13784: Remove third party authentication tokens 1.8.1.1 * Bug 13751: Remove remaining SafeCache code. 1.8.1.0 * Bug 13746: Properly link Torbutton UI to thirdparty pref. * Bug 13742: Remove SafeCache code (in favor of C++ implementation) 1.8.0.3 * misc: Translation imports for security slider 1.8.0.2 * Bug 13666: Various fixes for circuit status display 1.8.0.1 * Bug 13651: Fix hangs associated with circuit status UI from #8641. 1.8.0.0 * Bug 9387: Provide a "Security Slider" for vulnerability surface reduction * Bug 13019: Synchronize locale spoofing pref with our Firefox patch * Bug 3455: Use SOCKS user+pass to isolate all requests from the same url domain * Bug 8641: Create browser UI to indicate current tab's Tor circuit IPs 1.7.0.2 * Bug 13019: Synchronize locale spoofing pref with our Firefox patch * Bug 13746: Properly link Torbutton UI to thirdparty pref. 1.7.0.1 * Bug 13378: Prevent addon reordering in toolbars on first-run. 1.7.0.0 9 Oct 2014 * Bug 10751: Adapt Torbutton to ESR31's Australis UI. * Bug 13138: ESR31-about:tor shows "Tor is not working" * Bug 12947: Adapt session storage blocker to ESR 31. * Bug 10716: Take care of drag/drop events in ESR 31. * Bug 13366: Fix cert exemption dialog when disk storage is enabled. 1.6.12.3 23 Sep 2014 * Bug 10804: Workaround for some TBB startup hangs 1.6.12.2 22 Sep 2014 * Bug 13091: Use "Tor Browser" everywhere 1.6.12.1 1 Sep 2014 * Bug 12684: Add `canvas.notNow` UI strings to torbutton.properties file. * Bug 8940: Move RecommendedTBBVersions file to www.torproject.org. 1.6.12.0 4 Aug 2014 * Bug 9531: Workaround to avoid rare hangs during New Identity 1.6.11.1 24 Jul 2014 * Bug 11472: Adjust about:tor font and logo positioning to avoid overlap * Bug 12680: Fix Torbutton about url. 1.6.11.0 27 Jun 2014 * Bug 10819: Bind new third party isolation pref to Torbutton security UI * Bug 9268: Fix some window resizing corner cases with DPI and taskbar size. 1.6.10.1 26 Jun 2014 * Bug #12221: Remove obsolete Javascript components from the toggle era 1.6.10.0 5 Jun 2014 * Bug 11510: about:tor should not report success if tor proxy is unreachable * Bug 11783: Avoid b.webProgress error when double-clicking on New Identity * Bug 11722: Add hidden pref to force remote Tor check * Bug 11763: Fix pref dialog double-click race that caused settings to be reset 1.6.9.0: 25 Apr 2014 * Bug 7439: Improve download warning dialog text. * Bug 11384: Completely remove hidden toggle menu item. 1.6.8.0: 7 Apr 2014: * Bug 9010: Add Turkish to update locales. * Bug 11242: Fix improper "update needed" message after in-place upgrade. * Bug 10398: Ease translation of about:tor page elements 1.6.7.0: 7 Mar 2014: * Bug 9901: Fix browser freeze due to content type sniffing * Bug 10611: Add Swedish (sv) to extra locales to update 1.6.6.0: 3 Feb 2014 * Bug 10800: Prevent exception in New Identity * Bug 10640: Fix about:tor's pointer position for RTL languages. * Bug 10095: Make inner window a multiple of 200x100 * Bug 10285: Clear permissions on New Identity * Bug 9738: Fix for auto-maximizing on browser start * Bug 10682: Workaround to really disable updates for Torbutton. * Bug 10419: Don't allow connections to localhost * Bug 10140: Move Japanese to extra locales * Bug 10687: Add Basque (eu) to extra locales 1.6.5.5: 20 Jan 2014 * Bug 9486: Properly clear NoScript Temporary Permissions 1.6.5.4: 14 Jan 2014 * Bug 10537: Include Arabic locale in Torbutton. 1.6.5.3: 23 Dec 2013 * Bug 9486: Clear NoScript Temporary Permissions on New Identity 1.6.5.2: 17 Dec 2013 * Misc: Change the default update download link back to download-easy 1.6.5.1: 10 Dec 2013 * Bug 10352: Clear FF24 Private Browsing Mode data during New Identity 1.6.5: 9 Dec 2013 * Bug 8167: Update cache isolation to use getFirstPartyURIFromChannel() for FF24 * Bug 10201: FF ESR 24 hangs during exit on Mac OS. * Bug 10078: Properly clear crypto tokens during New Identity on FF24 * Bug 9454: Support changes to Private Browsing Mode and plugin APIs in FF24 1.6.4.1: 15 Nov 2013 * Bug 10002: Make the TBB3.0 blog tag our update download url for now. 1.6.4: 29 Oct 2013 * Bug 9144: Workaround for missing translation properties 1.6.3: 11 Oct 2013: * Bug 9224: Support multiple Tor socks ports for about:tor status check * Bug 9587: Add TBB version number to about:tor 1.6.2.1: 23 Sep 2013: * Bug 8839: Switch about:tor search link to unfiltered startpage link 1.6.2: 18 Sep 2013 * bug 9492: Fix Torbutton logo on OSX and Windows (and related initialization code) 1.6.1: 01 Aug 2013 * bug 8478: Change when window resizing code fires to avoid rounding errors * bug 9331: Hack an update URL for the next TBB release * bug 9144: Change an aboutTor.dtd string to something transifex might accept 1.6.0: 05 Jun 2013 * bug 7494: Create a local home page for TBB as about:tor * misc: Perform a control port test of proper Tor configuration by default. Only use check.torproject.org if the control port is unavailable. * misc: Add an icon menu option for Tor Launcher's Network Settings * misc: Add branding string overrides (primarily controls browser name and homepage) 1.5.2: 22 Apr 2013 * bug 8457: Allow session restore if the user allows disk actvity * bug 8301: Remove the Display Settings panel and associated locales * bug 6566: Fix "Transparent Torification" option. * bug 8642: Fix a hang on New Identity. 1.5.1: 07 Mar 2013 * bug 8324: Fix Drag+Drop crash by using a new TBB drag observer * bug 6202: Fix XML/E4X errors with Cookie Protections * bug 8423: Don't clear cookies at shutdown if user wants disk history * bug 8382: Leave IndexedDB and Offline Storage disabled. * bug 8422: Clear DOM localStorage on New Identity. * bug 8335: Don't strip "third party" HTTP auth from favicons * bug 5183: Localize the "Spoof english" button strings * bug 8313: Ask user for confirmation before enabling plugins * misc: Emit private browsing session clearing event on "New Identity" 1.5.0 18 Feb 2013 * bug 5279: Remove old toggle observers and related code * bug 3100: Simplify Security Preference UI and associated pref updates * bug 1305: Eliminate redundancy in our Flash/plugin disabling code * bug 3944: Leave most preferences under Tor Browser's control * bug 7974: Disable toggle-on-startup and crash detection logic * bug 5279: Disable/remove toggle-mode code and related observers * bug 6431: Add menu hint to Torbutton icon * bug 7495: Make Torbutton icon flash a warning symbol if TBB is out of date * bug 6096: Perform version check every time there's a new tab. * bug 6156: Rate limit version check queries to once every 1.5hrs max. * misc: Allow WebGL and DOM storage. * misc: Disable independent Torbutton updates * misc: Change the recommended SOCKSPort to 9150 (to match TBB) 1.4.6.3 9 Oct 2012 * bug 5856: Disable JS hooks to make way for direct Firefox patch 1.4.6.2 12 Sep 2012 * bug 6803: Set proxy settings earlier to fix broken homepage load on FF15 * bug 6254: Support transparent Tor mode through TOR_TRANSPROXY=1 env var. 1.4.6.1 30 Aug 2012 * Bug 6737: Disable window.screen hooks for FF15+ (fixes exception alert) 1.4.6 30 May 2012 * Bug 5710: Prevent all sessionstore data saving in TBB * Bug 5715: Explicitly clear image cache on TBB New Identity * Bug 4660: Clear search and find boxes on TBB New Identity * Bug 5729: Make New Identity and New Window a multiple of 200x100px * Bug 4755: Spoof screen coordinates for DOM MouseEvents * Bug 4718: Make TBB version check happen on New Window+New Identity * Bug 5758: Disable WebSockets and IndexedDB for non-TBB users * Bug 5863: Remove the ability to toggle Torbutton (to prevent leaks) * Bug 3838: Inform Torbutton users about TBB * Bug 5092: Sign Torbutton Updates * Bugs 5673+5732: Change captcha redirect to startpage.com * Bug 3845: Bump Firefox user agent to 10.0-ESR 1.4.5.1 17 Dec 2011 * bug 4722: Fix ability to drag tabs on Windows (due to #4517) 1.4.5 14 Dec 2011 * bug 4517: Disable external drag and drop (prevents proxy bypass) * bug 4099: Disable TLS session tickets to prevent linkability * bug 4603: Lower HTTP keep-alive timeout to reduce linkability * bug 4611: Notify user if "New Identity" fails * bug 4667: Close keep-alive connections on "New Identity" (TBB only) * bug 4453: Reset SOCKS host and port only when using "recommended settings" * misc: Perform versioncheck at startup regardless of session restore status 1.4.4.1 11 Oct 2011 * misc: Fix a homepage load error on Windows TBB first-run 1.4.4 9 Oct 2011 * bug 4197: Allow Torbutton formfill blocking to be disabled * bug 4058: Fix yet more issues with links opening in new tabs * bug 4161: Make TBB version check work w/ SocksPort auto builds * bug 3686: Fix loading of localized homepage on Debian * bug 4016: Resize window on "New Identity" * bug 3928: Implement CookieAuthFile password reading * misc: Fix scoping issue for some stream variables 1.4.3 9 Sep 2011 * bug 3933: Don't touch app.update.auto in TBB * bug 3960: Don't disable zoom.siteSpecific on TBB * bug 3928: Fix auto-scroll on twitter * bug 3649: Make permissions and disk errors human-readable 1.4.2 3 Sep 2011 * bug 3879: Fix broken framed sites (yopmail, gmane, gmaps, etc) * bug 3337: Fetch check.tp.o page to check versions (TBB only) * Bug 3754: Fix SafeCache OCSP errors (fix for TBB only) 1.4.1 28 Aug 2011 * bug 523: Implement New Identity (for TBB only) * bug 3580: Fix hotmail/live breakage (TBB only) * bug 3748: Disable 3rd party HTTP auth * bug 3665: Fix several corner cases SafeCache isolation * bug 3739: Fix https->http CORS failure for SafeCache * bug 3414: Isolate window.name based on referrer policy * bug 3809: Disable referer spoofing (fixes navigation issues) * bug 3819: Fix API issue with cookie protections * bug 3820: Fix warning w/ session store filter 1.4.0 30 Jun 2011 * bug 3101: Disable WebGL. Too many unknowns for now. * bug 3345: Make Google Captcha redirect work again. * bug 3399: Fix a reversed exception check found by arno. * bug 3177: Update torbutton to use new TorBrowser prefs. * bug 2843: Update proxy preferences window to support env var. * bug 2338: Force toggle at startup if tor is enabled * bug 3554: Make Cookie protections obey disk settings * bug 3441: Enable cookie protection UI by default. * bug 3446: We're Firefox 5.0, we swear. * bug #3506: Remove window resize event listener. * bug #1282: Set fixed window size for each new window. * bug #3508: Apply Stanford SafeCache patch (thanks Edward, Collin et al). * bug #2361: Make about window work again on FF4+. * bug #3436: T(A)ILS was renamed to Tails. * bugfix: Fix a transparent context menu issue on Linux FF4+. * misc: Squelch exception from app launcher in error console. * misc: Make DuckDuckGo the default Google Captcha redirect destination. * misc: Make it harder to accidentally toggle torbutton. 1.3.3-alpha 01 May 2011 * bug 2777: Clear OCSP cache on tor toggle * bug 2832: Update spoofed user agent to Firefox 4.0 * bug 2838: Make cookie protections dialog work * bug 2819: Move JS hooks to new JS1.8.5 hooking support on FF4. * bug 3042: Fix version compatibility issue with FF4.0.1+ 1.3.2-alpha 21 Mar 2011 * bug 1624: Use nsIDOMCrypto::logout() instead of the SSLv2 pref hack * bug 1999: Disable tor:// urls by default * bug 1968: Reset window.name on tor toggle * bug 2148: Make refspoofing more uniform * bug 2359: Fix XHTML DTD errors on FF4 * bugs 2465+2421: Fix javascript hook exceptions+issues in FF4.0 * bug 2458: Opt out of Firefox addon usage pings * bug 2377: Limit the Google captcha cookies copied between google TLDs * bug 2491: Clean up checks for when to jar protected cookies * bug 1110: Add popup to ask if we should spoof English Accept: headers * misc: Remove a noisy FF2 nsICookieManager2 fallback check. 1.3.1-alpha 03 Jan 2011 * bugfix: bug 1894: Amnesia is now called TAILS (patch from intrigeri) * bugfix: bug 2315: Remove reference to TorVM (patch from intrigeri) * bugfix: bug 2011: Fix preference dialog issues (patch from chrisdoble) * bugfix: Fix some incorrect log lines in RefSpoofer * new: Support Firefox 4.0 (many changes) * new: Place button in the nav-bar (FF4 killed the status-bar) * misc: No longer reimplement the session store, use new APIs instead * misc: Simplify crash detection and startup mode settings 1.3.0-alpha 30 Sep 2010 * new: Support for transparent proxies in settings (patch from Jacob Appelbaum and Kory Kirk) * new: tor:// and tors:// url support to auto-toggle into tor mode (patch from Kory Kirk) * new: Cookie manager to allow individual Cookie protection (patch from Kory Kirk) * new: Add referrer spoofing based on modified same origin policy (patch from Kory Kirk) * new: Add DuckDuckGo.com as a Google captcha redirect destination (patch from aiden tighe) * bugfix: bug 1911: Fix broken useragent locale string on debian (patch from lunar) * bugfix: Fix captcha detection for encrypted.google.com 1.2.5 08 Apr 2010 * bugfix: bug 1169: Fix blank popup conflict with CoolPreviews * bugfix: bug 1246: Fix IST and other HH:30 timezone issues. * bugfix: bug 1219: Fix the toggle warning loop issue on settings change. * bugfix: bug 1321: Fix a session restore bug when closing the last window * bugfix: bug 1302: Update useragent to FF3.6.3 on WinNT6. * bugfix: bug 1157: Add logic to handle torbutton crashed state conflicts * bugfix: bug 1235: Improve the 'changed-state' refresh warning message * bugfix: bug 1337: Bind alert windows to correct browser window * bugfix: bug 1055: Make the error console the default log output location * bugfix: bug 1032: Fix an exception in the localhost proxy filter * misc: Always tell a website our window size is rounded even if it's not * misc: Add some suggestions to warning about loading external content * new: Add option to always update Torbutton via Tor. On by default * new: Redirect Google queries elsewhere on captcha (default ixquick) * new: Strip identifying info off of Google searchbox queries 1.2.4 16 Dec 2009 * bugfix: bug 1169: Fix blank popup conflict with Google Toolbar * bugfix: bug 1171: Properly store and set network.dns.disablePrefetch * bugfix: bug 1165: Fix an exception on toggle in FF3.6 * bugfix: bug 1163: Fix history loss in FF3.6 * bugfix: Fix a typo error during logging * bugfix: Properly handle session restore in FF3.6 * misc: Kill a warning message about missing properties in window-mapper.js * new: Add a new pref to disable Livemark updates during Tor usage (FF3.5+) 1.2.3 02 Dec 2009 * bugfix: bug 950: Preserve useragent and download settings across toggle * bugfix: bug 1014: Fix XML Parsing Error on XHTML sites in Tor mode * bugfix: bug 1041: Preserve tab history in FF3.5 * bugfix: bug 1047: Fix spurious user agent change notice * bugfix: bug 1053: Partial fix for 'TypeError: browser is undefined' error * bugfix: bug 1084: Preserve HTTP accept language for Non-Tor usage * bugfix: bug 1085: Fix test settings issues with dead privoxy * bugfix: bug 1088: Clean up some namespace issues in the main chrome window * bugfix: bug 1091: Fix a lockup when 'Ask Every Time' cookie pref is set * bugfix: bug 1093: Fix cert acceptance dialogs in Firefox 3.5 * bugfix: bug 1146: Fixes for properly handling tab restore in FF3.5 * bugfix: bug 1152: Close tabs on toggle prevents toggling in FF3.5" * bugfix: bug 1154: Clarify "Last Tor test failed" message * misc: Disable geolocation in FF3.5 during Tor mode * misc: Disable DNS prefetch in FF3.5 in Tor mode and for Tor-loaded tabs * misc: Disable offline app cache during Tor mode * misc: Disable specific site zoom settings during Tor mode * new: Transfer Google cookies between country-code domains. This should make it such that captchas only need to be solved once per Tor session, as opposed to for each country. 1.2.2 09 Aug 2009 * bugfix: Workaround Firefox Bug 440892 to prevent external apps from being launched (and thus bypassing proxy settings) without user confirmation. Independently reported by Greg Fleischer and optimist. * bugfix: Create a separate "No Proxy For" option and remove the string "localhost" from proxy exemptions. Prevents a theoretical proxy bypass condition discovered by optimist. Fix based on patch from optimist. * bugfix: bug 970: Purge undo tab list on Tor toggle. * bugfix: bug 1040: Scrub URLs from log level 4 and higher log messages. Mac OS writes Firefox console messages to disk by default. * bugfix: bug 1033: Fix FoxyProxy conflict that caused some FoxyProxy strings to fail to display. * misc: bug 1006: Pop up a more specific failure message for pref changing errors during Tor toggle. * misc: Fix a couple of strict javascript warns on FF3.5 * misc: Add chrome url protection call to conceal other addons during non-Tor usage. Patch by Sebastian Lisken. * misc: Remove torbutton log system init message that may have scared some paranoids. 1.2.1 21 Mar 2009 * bugfix: bug 773: Fixed Noscript conflict issue. * bugfix: bug 866: Fixed conflict with ZoTero * bugfix: bug 908: Make UserAgentSwitcher's 'default' button restore Torbutton's spoofed user agent if Tor is enabled. * bugfix: bug 909: Get Torbutton to "properly" react to users changing their Firefox cookie lifetime settings as opposed to using the Torbutton interface. * bugfix: bug 834: Fix session saving and startup issues * bugfix: bug 875: Removed docShell == null popup during toggle for some users * bugfix: bug 910: fixed a locale spoofing issue in navigator.appVersion * bugfix: bug 747: Attempt to fix 'fullscreen' resizing issues. * bugfix: Stop-gap timezone spoofing fix for Linux and Mac for FF3. Requires a one-line patch to Firefox for Windows to work. * bugfix: Clear SSL Session IDs on toggle. (See FF Bug 448747) * misc: bug 931: Added a socks v4 vs v5 version choice to custom prefs. * misc: bug 836: redesign startup preference window to make it more understandable * misc: Torbutton now presents itself as Windows FF3.0.7. * misc: Change RDF to allow Torbutton to run on FF3.1 betas. 1.2.0 30 Jul 2008 * bugfix: bug 777: Fix issue with locale spoofing breaking translations. * bugfix: bug 778: Preserve locale in spoofed version if user does not want locale spoofing. * bugfix: bug 780: Keep session cookies during Tor toggle. * bugfix: Potential fix for some PKCS#12 issues. * bugfix: Fix crash recovery and uninstall/upgrade to avoid cookie loss. * misc: Translation updates. 1.2.0rc6: 12 Jul 2008 * bugfix: Fix bug causing Firefox history to get cleared in some situations * bugfix: bug 753: Fix exception thrown during Tor toggle in some instances * bugfix: bug 758: Fix resize issue where 0x0 windows could be created * bugfix: Fix some potential permission denied issues with cookie jars * bugfix: bug 520: Fix issue where Javascript stayed disabled in some tabs * bugfix: Apply cookie lifetime settings to Tor settings on first install. * bugfix: Don't disable Firefox preferences when Torbutton is uninstalled * misc: Allow automatic updates in FF3 by default. They are secure now. * misc: Translation updates 1.2.0rc5 06 Jul 2008 * bugfix: bug 734: Fix exception with clearing history on toggle * bugfix: bug 735: Fix exception with blocking Non-Tor history writes * bugfix: bug 720: FF3 cookie jar fix submitted by arno * misc: translation updates for French, Farsi, and others * misc: demote "mapper check" log message to info * new: Option to not write cookie jars to disk submitted by arno 1.2.0rc4 27 Jun 2008 * misc: Refuse to jar cookies under Firefox 3. Lame workaround for Firefox Bug 439384, but it's the best we can do. At least we won't destroy cookies anymore. * misc: Some strings were present twice in the en-US locale. Didn't seem to cause any problems, but probably should be fixed. 1.2.0rc3 27 Jun 2008 * bugfix: Lots of compatibility updates with other extensions. Issues with SpeedDial, Google Notebook, TabMixPlus, and others have been fixed. * bugfix: Fix bug with first window/tab after restart being partially prevented from performing network activity and/or history access. * bugfix: Add an additional pref for blocking Non-Tor file url network activity. Off by default. This should fix issues with Sage addon in Non-Tor mode. * bugfix: Be better about saving all sorts of Firefox prefs that we touch so that users' Non-Tor preferences are remembered. * bugfix: Fix potential issues with FF3 sessionstore by updating component, and performing version detection. * bugfix: Separate toggle into a 3 stage process to eliminate potential race conditions and issues with javascript and other functionality not working after Tor toggle. * new: Added 'Test Settings' button to Proxy Preferences that uses check.torproject.org to verify Tor status. * misc: Improve 'Restore Defaults' to reset all prefs that we touch. * misc: Fix logging system to be more user-legible. 1.2.0rc2 08 Jun 2008 * bugfix: MacOS: Fix broken Tor state/toggle issues when all windows are closed but app stays open * misc: Potential performance improvements when many windows+tabs are open * new: Add 'locked mode' pref to allow users to disable one-click toggling * new: Add prefs to start Firefox with a specific Tor state. 1.2.0rc1 01 Jun 2008 * general: FF3 should now be functional, but timezone masking is not operational * bugfix: Fix Places/history component hooking in FF3 * bugfix: Disable Places database in FF3 via browser.history_expire_days=0 if history writes are disabled. * bugfix: General component hooking fixes for FF3 * bugfix: Block favicon leaking in FF3 * bugfix: Enable safebrowsing updates in FF3 (it's finally HMACd. Yay). * bugfix: Use Greg Fleischer's new useragent prefs in FF3. * bugfix: Properly reset cookie lifetime policy when user changes cookie handling options. * bugfix: Fix 'Restore defaults' button issues with custom proxy settings * bugfix: navigator.oscpu hooking was broken in 1.1.18 * bugfix: Try to prevent alleged 0x0 windows on crash recovery * bugfix: Attempt to block livemarks updates during Tor. Only partial fix. Not possible to cancel existing Livemarks timer (one fetch will still happen via Tor before disable). See Firefox Bug 436250 * misc: Set plugin.disable_full_page_plugin_for_types for all plugin mimetypes just in case our custom full page blocking code fails 1.1.18 17 Apr 2008 * bugfix: Fix Gmail exceptions involving window.navigator that made Gmail unusable after recent updates by Google. * bugfix: Fix an exception in the content policy that may have prevented some AJAX page elements from loading. * bugfix: Fix regression on cross-state favicon leak introduced in 1.1.17 * bugfix: Fix to make clear private data work again by fixing up history hooking (may also help FF3 compatibility). * bugfix: Fix Yahoo email account creation (broken due to Date.valueOf() weirdness). * bugfix: Fix to allow plugins if the user unchecks the plugin blocking preference * bugfix: Fix bug 638: eliminate cross-state history popup on session restore * bugfix: Only resize windows on document load. Hopefully this will make the resizing code less annoying, and drift less. * bugfix: Fix Object.prototype extensions involving the Date object (observed on LiveJournal) * bugfix: Fix javascript debugger compatibility issues involving source window display and other functionality. * misc: Prevent blocked popups from opening blank, unusable windows * misc: Updated firefox version to 2.0.0.14 * new: New translations for French, Russian, Farsi, Italian, and Spanish. 1.1.17 15 Mar 2008 * bugfix: Improve chrome disclosure protection (patch from Greg Fleischer) * bugfix: Block network access from file urls to workaround Firefox 'Content-Disposition' file stealing attack (found/fixed by Greg) * bugfix: Apply Javascript hooks to javascript: urls (found by Greg) * bugfix: Improve Torbutton chrome concealment (found by Greg) * bugfix: Use 127.0.0.1 instead of localhost for IPv6 users * bugfix: Don't resize maximized windows * misc: Improve window resizing to only resize on document load, and to try to address drift by remembering window sizes * misc: Clear session history if clear history on tor toggle is set * new: Remove history hooks in favor of nsISHistoryListeners that prevent history navigation from alternate Tor states 1.1.16 03 Mar 2008 * bugfix: Fix yet more javascript unmasking issues found by Greg. Date is still unmaskable. * bugfix: Close tabs *before* toggling proxy settings if pref is set. * bugfix: Fix a couple exceptions thrown on resizing and plugin canceling 1.1.15 26 Feb 2008 * bugfix: Fix hook unmasking of window.screen, window.history, and window.navigator discovered by Greg Fleischer. window.Date unmasking is still unfixed. window.history unmasking represents potential IP disclosure due to Firefox Bug 409737. * bugfix: Fix view-source extension disclosure bug found by Greg Fleischer. * bugfix: Fix javascript and about links. Found by Greg Fleischer. * new: Attempt to prevent window sizes from drifting during resize. 1.1.14 24 Feb 2008 * bugfix: set general.useragent.locale if user wants to spoof an English browser. This handles navigator.locale * bugfix: Mask navigator.buildID. Reported by Greg Fleischer * Initial Firefox 3 work. Functionality still broken due to FF Bug 413682 * bug 580: Resize preferences window to fit in 640x480 displays * new: Spoof window.screen to mask desktop resolution and resize the browser to multiples of 50px while tor is enabled. * new: Block content window access to chrome urls if Tor is enabled, and hide Torbutton if Tor is disabled. Thanks to Greg Fleischer for reporting the chrome disclosure issues * new: Added option to close all opened tabs on a Tor toggle. Useful for general convenience and also as a backup protection against Bug 409737. * new: Add Tor ports to the list of banned ports for Firefox. Should prevent http-ping based fingerprinting attacks. * new: Finally add support for automatic updates. 1.1.13 01 Feb 2008 * bugfix: Implement workarounds to disable Javascript network access for Firefox Bug 409737 * bugfix: Improved plugin-disabling workarounds for Firefox Bug 401296 * misc: Set network.protocol-handler.warn-external.* to warn on external app handlers during Tor usage * misc: Disable browser.safebrowsing.enabled during Tor usage since it retrieves some information in plaintext. * misc: Disable browser.send_pings. * misc: Block Javascript back/forward manipulation if Tor is enabled * new: Option to clear HTTP auth on Tor toggle 1.1.12 26 Nov 2007 * bugfix: bug 520: Fix some content policy/tagging issues. Not sure if this is the whole bug. * bugfix: Fix a nasty bug where torbutton mostly broke if the first Firefox window was closed (introduced in 1.1.11) * bugfix: Fix a favicon proxy-leak discussed in onionland 1.1.11 16 Nov 2007 * bugfix: Fix a scope issue with the JS hooks that caused problems with some sites (gmail, others?) * misc: Performance enhancements for speeding up toggle * new: Prevent Tor cookies from being written to disk if the user wants them cleared. 1.1.10 06 Nov 2007 * bugfix: bug 522: Try harder to kill plugins before they do any network IO (discovered by goldy) * bugfix: bug 460: Remove hook verification. Attempt to apply hooks at every location event. * misc: New logging system * new: Have user choose between starting in Tor or Non-Tor after crash. Leaving it to Firefox is non-deterministic and should not be an option. 1.1.9.1 23 Oct 2007 * bugfix: 1.1.9 killed all plugins. Bring them back to life. 1.1.9 21 Oct 2007 * bugfix: bug 519: Fix Ubuntu Gutsy hang on startup. * bugfix: bug 521: Fix yet more false positive popups introduced in 1.1.8 * bugfix: bug 522: Block loading of direct clicks of plugin-handled content (discovered by goldy). 1.1.8 01 Oct 2007 * bugfix: bug 503: Prevent sessionstore from writing Tor tabs to disk * bugfix: bug 510: Decouple cookie clearing from Clear Private Data settings * bugfix: bug 474: Decouple password+form saving from history writing * bugfix: bug 460: Rework handling of hooking based on global events+window lookup * bugfix: Hooking fixes for pages with nested frames/iframes * bugfix: Cookies are now properly synced before storing into a jar * misc: Tightened up the alerts a bit more for the javascript hooking * misc: Changed defaults to be less intrusive to non-tor usage * new: Added options to start in Tor and reload cookies after browser crash * new: Added ability to have both tor and non-tor cookie jars 1.1.7 20 Sep 2007 * bugfix: bug 495: couple of memory leaks found and fixed by arno * bugfix: bug 497: uninstall exception found and fixed by arno * bugfix: bug 460: No more alerts should happen. But does that mean its fixed? Outlook uncertain... * bugfix: bugs 461+489: verbosity+macos logging issues resolved * bugfix: if javascript is disabled, the hooking code no longer complains * misc: Update spoofed Firefox version to 2.0.0.6 * new: "Restore Defaults" button added to the preferences window 1.1.6 30 Jul 2007 * bugfix: Fix an exception that may have messed up cookie/cache clearing if you allowed Tor to write history URLs (possibly kills bug #457) * bugfix: Use only sub-browsers for tagging. Could fix some Date hooking misses (possibly kills bug #460) * misc: Clean up annoying false positives with date hooking checks 1.1.5 17 Jul 2007 * bugfix: Reset shutdown option if user wants to manually manage cookies * misc: Add code to detect date hooking failures to zero in on Bug #460 * new: Pref to disable "DOM Storage" during Tor usage 1.1.4 - Defcon CD Release 6 Jul 2007 * bugfix: Make plugin state tied to tab load state also * bugfix: Date hooking bug. getUTCYear is not defined. Must call getYear.. * new: Add options to spoof charset and language headers * new: Add option to disable referer header. This can break some sites. Seems to break digg in particular. * new: Copy English strings to all language DTDs so they are at least functional. 1.1.3 - Black Hat CD Release 30 Jun 2007 * bugfix: Fully disable session store if option is set. Otherwise it can save Tor tabs and cause them to be reloaded during Tor usage! * new: Differentiate between crucial and recommended settings in preferences 1.1.2 22 Jun 2007 * bugfix: Make js hooking a bit more invisible * bugfix: Improve navigator.* hooking for user agent spoofing * new: Block session saving during tor usage * new: Add options to clear cookies during Tor/Non-Tor shutdowns 1.1.1 20 Jun 2007 * bugfix: Remove Date hooks from DOM after inserted. Fixes some sites who expect a fixed DOM structure. * new: Integrated Collin Jackson's history blocking+cookie jar code, adapted it to handle various Tor States+read/write differentiation. * new: Allow users to manually manage cookies * new: Mark tabs as having been fetched via Tor or in the clear * new: Add code to only enable javascript on tabs with the same Tor load state as the current * new: options to clear the cache, block disk cache, or block all caching * new: Created options tabbox * new: Option to block updates if Tor was enabled * new: Add nsIContentPolicy to block CSS popups from pages with a different load state than current Tor State. * new: Added user agent spoofing code * new: Support FireFox 2.0 only * new: Disable "safe browsing" remote lookups * new: block session saving 1.1.0 - Security Development begins (Alpha branch) 31 Mar 2007 * new: Option to disable all plugins during Tor usage * new: Javascript hooking to mask timezone for Date Object, attempted CSS fix * new: Options to clear history and cookies on Tor toggle * bugfix: Fix logging to use error console if logger extension not present 1.0.5 18 Nov 2006 * bugfix: fix the about box in firefox 1.0 * bugfix: set the toolbar button to the correct state upon insertion into the toolbar (ff >= 1.5 only) * bugfix: clarify the wording of the one-liner extension description * bugfix: bypassing privoxy with Firefox <= 1.0 is not recommended * bugfix: remember previous "custom" proxy settings * misc: new icons * misc: keyboard shortcut re-assigned to ctrl-2 * new: previous proxy settings are restored after exiting tor mode * new: if the torbutton proxy settings are changed while torbutton is enabled, then the active proxy settings are updated to reflect it * new: added twelve locales 1.0.4 01 Jun 2006 * bugfix: without-privoxy settings were incorrect * bugfix: https settings did not take effect until firefox restart * bugfix: let firefox generate our about box, so it will include the version 1.0.3 31 May 2006 * bugfix: statusbar style would reset to text after firefox restart 1.0.2 23 May 2006 * bugfix: fixed problem with socks_remote_dns * new: mozilla thunderbird support * new: user may customize proxy settings for nonstandard configurations * new: option to not use privoxy in the standard configuration * new: slovenian translation * new: french translation * new: keyboard shortcut (control-shift-t, changeable via keyconfig) * new: context menu for toolbar button and statusbar panel * new: attractive tor icons * new: about dialog * new: option to display statusbar as an icon instead of text 1.0.1 16 Mar 2006 * bugfix: toolbar button tooltips now display the correct status * bugfix: set socks5 proxy to tor port (9050) instead of privoxy (8118) * bugfix: allow user to change proxy exclusion list ("no proxy for") * new: use socks_remote_dns on firefox versions that have it * new: added update functionality through the extensions manager * new: added preference: display statusbar panel (yes/no) * new: added compatibility with firefox 1.0 and 0.9 1.0 07 Mar 2006 * initial release