diff options
| author | Georg Koppen <gk@torproject.org> | 2015-03-19 15:06:18 +0000 |
|---|---|---|
| committer | Georg Koppen <gk@torproject.org> | 2015-03-19 15:06:18 +0000 |
| commit | b4a5f569b39960991e171e6992936549ad3d209c (patch) | |
| tree | af5a60cf9b06007d1030de8d3e6d0faccfbc7d4c | |
| parent | 54d02f3c1c97c2dcef2c8c03bc00580592a6cf38 (diff) | |
Bug 9387: Version 0.8 of the Security Sliderbug_9387_v9
| -rw-r--r-- | src/chrome/content/preferences.js | 48 | ||||
| -rw-r--r-- | src/chrome/content/preferences.xul | 178 | ||||
| -rw-r--r-- | src/chrome/content/torbutton.js | 185 | ||||
| -rw-r--r-- | src/chrome/locale/en/torbutton.dtd | 25 | ||||
| -rw-r--r-- | src/chrome/skin/preferences.css | 11 | ||||
| -rw-r--r-- | src/defaults/preferences/preferences.js | 2 |
6 files changed, 300 insertions, 149 deletions
diff --git a/src/chrome/content/preferences.js b/src/chrome/content/preferences.js index eaaa0590..be77793d 100644 --- a/src/chrome/content/preferences.js +++ b/src/chrome/content/preferences.js @@ -192,13 +192,18 @@ function torbutton_prefs_init(doc) { sec_slider.value = o_torprefs.getIntPref('security_slider'); sec_custom.checked = custom_values; sec_custom.disabled = !custom_values; + torbutton_set_slider_text(doc, sec_custom.checked); // If the custom checkbox is checked and the user is done with dragging // uncheck the checkbox to allow setting the (newly) chosen security level. sec_slider.dragStateChanged = function(isDragging) { if (!isDragging && sec_custom.checked) { sec_custom.checked = false; + sec_custom.disabled = true; } } + sec_slider.valueChanged = function(which, newValue, userChanged) { + torbutton_set_slider_text(doc, false); + } torbutton_prefs_set_field_attributes(doc); } @@ -473,6 +478,49 @@ function torbutton_toggle_slider(doc, pos) { if (sec_custom.checked) { sec_custom.checked = false; } + torbutton_set_slider_text(doc, false); +} + +function torbutton_set_slider_text(doc, custom) { + let level = doc.getElementById("torbutton_sec_slider").value; + if (custom) { + level = 5; + } + switch (level) { + case (1): + doc.getElementById("desc_low").collapsed = true; + doc.getElementById("desc_medium_low").collapsed = true; + doc.getElementById("desc_medium_high").collapsed = true; + doc.getElementById("desc_high").collapsed = false; + break; + case (2): + doc.getElementById("desc_low").collapsed = true; + doc.getElementById("desc_medium_low").collapsed = true; + doc.getElementById("desc_medium_high").collapsed = false; + doc.getElementById("desc_high").collapsed = true; + break; + case (3): + doc.getElementById("desc_low").collapsed = true; + doc.getElementById("desc_medium_low").collapsed = false; + doc.getElementById("desc_medium_high").collapsed = true; + doc.getElementById("desc_high").collapsed = true; + break; + case (4): + doc.getElementById("desc_low").collapsed = false; + doc.getElementById("desc_medium_low").collapsed = true; + doc.getElementById("desc_medium_high").collapsed = true; + doc.getElementById("desc_high").collapsed = true; + break; + case (5): + doc.getElementById("desc_low").collapsed = true; + doc.getElementById("desc_medium_low").collapsed = true; + doc.getElementById("desc_medium_high").collapsed = true; + doc.getElementById("desc_high").collapsed = true; + break; + } + // It can happen that the descriptions of the slider settings consume more + // space than originally allocated. Adapt the dialog size accordingly. + sizeToContent(); } function torbutton_prefs_check_disk() { diff --git a/src/chrome/content/preferences.xul b/src/chrome/content/preferences.xul index 0a90f0f8..c270029a 100644 --- a/src/chrome/content/preferences.xul +++ b/src/chrome/content/preferences.xul @@ -1,5 +1,6 @@ <?xml version="1.0" encoding="UTF-8"?> <?xml-stylesheet href="chrome://global/skin/" type="text/css"?> +<?xml-stylesheet href="chrome://torbutton/skin/preferences.css" type="text/css"?> <!DOCTYPE overlay SYSTEM "chrome://torbutton/locale/torbutton.dtd"> @@ -156,36 +157,150 @@ <groupbox> <caption label="&torbutton.prefs.sec_caption;"/> <hbox> - <vbox> - <scale id="torbutton_sec_slider" height="200" min="1" max="4" + <vbox height="200"> + <scale id="torbutton_sec_slider" flex="1" min="1" max="4" movetoclick="true" orient="vertical"/> </vbox> <vbox height="200"> - <hbox flex="1" align="center"> - <description id="torbutton_sec_low" + <hbox flex="1" align="start"> + <description id="torbutton_sec_high" + tooltip="high_preview" onclick="torbutton_toggle_slider(document, 1);"> - &torbutton.prefs.sec_low; + &torbutton.prefs.sec_high; </description> </hbox> <hbox flex="1" align="center"> - <description id="torbutton_sec_med_low" + <description id="torbutton_sec_med_high" + tooltip="mh_preview" onclick="torbutton_toggle_slider(document, 2);"> - &torbutton.prefs.sec_med_low; + &torbutton.prefs.sec_med_high; </description> </hbox> <hbox flex="1" align="center"> - <description id="torbutton_sec_med_high" + <description id="torbutton_sec_med_low" + tooltip="ml_preview" onclick="torbutton_toggle_slider(document, 3);"> - &torbutton.prefs.sec_med_high; + &torbutton.prefs.sec_med_low; </description> </hbox> - <hbox flex="1" align="center"> - <description id="torbutton_sec_high" + <hbox flex="1" align="end"> + <description id="torbutton_sec_low" + tooltip="low_preview" onclick="torbutton_toggle_slider(document, 4);"> - &torbutton.prefs.sec_high; + &torbutton.prefs.sec_low; </description> </hbox> </vbox> + <spacer flex="1"/> + <!-- A width of 400 is already too much for OS X it seems. The above + spacer tag would basically be useless and the layout ugly. --> + <vbox flex="1" width="300"> + <vbox id="desc_high" collapsed="true"> + <description + class="slider-text-size, slider-text-weight"> + &torbutton.prefs.sec_gen_desc; + </description> + <description class="slider-text-size"> + &torbutton.prefs.sec_html5_desc; + </description> + <description class="slider-text-size" + tooltiptext="&torbutton.prefs.sec_jit_desc_tooltip;"> + &torbutton.prefs.sec_all_jit_desc; &torbutton.prefs.sec_jit_slower_desc; + <html:b class="b-blue">?</html:b> + </description> + <description class="slider-text-size"> + &torbutton.prefs.sec_jar_desc; + </description> + <description class="slider-text-size" + tooltiptext="&torbutton.prefs.sec_mathml_desc_tooltip;"> + &torbutton.prefs.sec_mathml_desc; + <html:b class="b-blue">?</html:b> + </description> + <description class="slider-text-size" + tooltiptext="&torbutton.prefs.sec_font_rend_svg_tooltip; &torbutton.prefs.sec_font_rend_graphite_tooltip;"> + &torbutton.prefs.sec_font_rend_desc; + <html:b class="b-blue">?</html:b> + </description> + <description class="slider-text-size" + tooltiptext="&torbutton.prefs.sec_js_desc_tooltip;"> + &torbutton.prefs.sec_all_js_desc; + <html:b class="b-blue">?</html:b> + </description> + <description class="slider-text-size" + tooltiptext="&torbutton.prefs.sec_svg_desc_tooltip;"> + &torbutton.prefs.sec_svg_desc; + <html:b class="b-blue">?</html:b> + </description> + <description class="slider-text-size" + tooltiptext="&torbutton.prefs.sec_webfonts_desc_tooltip;"> + &torbutton.prefs.sec_webfonts_desc; + <html:b class="b-blue">?</html:b> + </description> + </vbox> + <vbox id="desc_medium_high" collapsed="true"> + <description + class="slider-text-size, slider-text-weight"> + &torbutton.prefs.sec_gen_desc; + </description> + <description class="slider-text-size"> + &torbutton.prefs.sec_html5_desc; + </description> + <description class="slider-text-size" + tooltiptext="&torbutton.prefs.sec_jit_desc_tooltip; &torbutton.prefs.sec_baseline_jit_desc_tooltip;"> + &torbutton.prefs.sec_all_jit_desc; &torbutton.prefs.sec_jit_slower_desc; + <html:b class="b-blue">?</html:b> + </description> + <description class="slider-text-size"> + &torbutton.prefs.sec_jar_desc; + </description> + <description class="slider-text-size" + tooltiptext="&torbutton.prefs.sec_mathml_desc_tooltip;"> + &torbutton.prefs.sec_mathml_desc; + <html:b class="b-blue">?</html:b> + </description> + <description class="slider-text-size" + tooltiptext="&torbutton.prefs.sec_font_rend_svg_tooltip; &torbutton.prefs.sec_font_rend_graphite_tooltip;"> + &torbutton.prefs.sec_font_rend_desc; + <html:b class="b-blue">?</html:b> + </description> + <description class="slider-text-size" + tooltiptext="&torbutton.prefs.sec_js_desc_tooltip;"> + &torbutton.prefs.sec_js_https_desc; + <html:b class="b-blue">?</html:b> + </description> + </vbox> + <vbox id="desc_medium_low" collapsed="true"> + <description + class="slider-text-size, slider-text-weight"> + &torbutton.prefs.sec_gen_desc; + </description> + <description class="slider-text-size"> + &torbutton.prefs.sec_html5_desc; + </description> + <description class="slider-text-size" + tooltiptext="&torbutton.prefs.sec_jit_desc_tooltip;"> + &torbutton.prefs.sec_some_jit_desc; &torbutton.prefs.sec_jit_slower_desc; + <html:b class="b-blue">?</html:b> + </description> + <description class="slider-text-size"> + &torbutton.prefs.sec_jar_desc; + </description> + <description class="slider-text-size" + tooltiptext="&torbutton.prefs.sec_mathml_desc_tooltip;"> + &torbutton.prefs.sec_mathml_desc; + <html:b class="b-blue">?</html:b> + </description> + </vbox> + <vbox id="desc_low" collapsed="false"> + <description + class="slider-text-size, slider-text-weight"> + &torbutton.prefs.sec_low_desc; + </description> + <description class="slider-text-size"> + &torbutton.prefs.sec_low_usable_desc; + </description> + </vbox> + </vbox> </hbox> <hbox> <checkbox id="torbutton_sec_custom" flex="1" @@ -198,4 +313,43 @@ </tabpanels> </tabbox> + <tooltip id="high_preview"> + <html:b>&torbutton.prefs.sec_gen_desc;</html:b> + <html:br></html:br> + <html:br></html:br> + <html:div>&torbutton.prefs.sec_html5_desc;</html:div> + <html:div>&torbutton.prefs.sec_some_jit_desc;</html:div> + <html:div>&torbutton.prefs.sec_jar_desc;</html:div> + <html:div>&torbutton.prefs.sec_mathml_desc;</html:div> + <html:div>&torbutton.prefs.sec_font_rend_desc;</html:div> + <html:div>&torbutton.prefs.sec_all_js_desc;</html:div> + <html:div>&torbutton.prefs.sec_svg_desc;</html:div> + <html:div>&torbutton.prefs.sec_webfonts_desc;</html:div> + </tooltip> + <tooltip id="mh_preview"> + <html:b>&torbutton.prefs.sec_gen_desc;</html:b> + <html:br></html:br> + <html:br></html:br> + <html:div>&torbutton.prefs.sec_html5_desc;</html:div> + <html:div>&torbutton.prefs.sec_some_jit_desc;</html:div> + <html:div>&torbutton.prefs.sec_jar_desc;</html:div> + <html:div>&torbutton.prefs.sec_mathml_desc;</html:div> + <html:div>&torbutton.prefs.sec_font_rend_desc;</html:div> + <html:div>&torbutton.prefs.sec_js_https_desc;</html:div> + </tooltip> + <tooltip id="ml_preview"> + <html:b>&torbutton.prefs.sec_gen_desc;</html:b> + <html:br></html:br> + <html:br></html:br> + <html:div>&torbutton.prefs.sec_html5_desc;</html:div> + <html:div>&torbutton.prefs.sec_some_jit_desc;</html:div> + <html:div>&torbutton.prefs.sec_jar_desc;</html:div> + <html:div>&torbutton.prefs.sec_mathml_desc;</html:div> + </tooltip> + <tooltip id="low_preview"> + <html:b>&torbutton.prefs.sec_low_desc;</html:b> + <html:br></html:br> + <html:br></html:br> + <html:div>&torbutton.prefs.sec_low_usable_desc;</html:div> + </tooltip> </dialog> diff --git a/src/chrome/content/torbutton.js b/src/chrome/content/torbutton.js index f7e99a03..d3afef8d 100644 --- a/src/chrome/content/torbutton.js +++ b/src/chrome/content/torbutton.js @@ -235,15 +235,12 @@ var torbutton_unique_pref_observer = case "noscript.forbidMedia": case "media.webaudio.enabled": case "network.jar.block-remote-files": + case "mathml.disabled": case "javascript.options.baselinejit.content": case "noscript.forbidFonts": case "gfx.font_rendering.graphite.enabled": case "noscript.globalHttpsWhitelist": case "noscript.global": - case "media.ogg.enabled": - case "media.opus.enabled": - case "media.wave.enabled": - case "media.apple.mp3.enabled": // |m_tb_slider_update| is only set if the user updated a // preference under control of the security slider via the // slider on the Torbutton dialog. This in turn means we can @@ -2197,10 +2194,6 @@ function torbutton_update_thirdparty_prefs() { prefService.savePrefFile(null); } -var torbutton_sec_l_bool_prefs = { - "gfx.font_rendering.opentype_svg.enabled" : false, -}; - var torbutton_sec_ml_bool_prefs = { "javascript.options.ion.content" : false, "javascript.options.typeinference" : false, @@ -2208,23 +2201,21 @@ var torbutton_sec_ml_bool_prefs = { "noscript.forbidMedia" : true, "media.webaudio.enabled" : false, "network.jar.block-remote-files" : true, - // XXX: pref for disabling MathML is missing + "mathml.disabled" : true }; var torbutton_sec_mh_bool_prefs = { "javascript.options.baselinejit.content" : false, + "gfx.font_rendering.graphite.enabled" : false, + "gfx.font_rendering.opentype_svg.enabled" : false, "noscript.global" : false, - "noscript.globalHttpsWhitelist" : true, - // XXX: pref for disableing SVG is missing + "noscript.globalHttpsWhitelist" : true }; var torbutton_sec_h_bool_prefs = { "noscript.forbidFonts" : true, "noscript.global" : false, - "media.ogg.enabled" : false, - "media.opus.enabled" : false, - "media.wave.enabled" : false, - "media.apple.mp3.enabled" : false + // XXX: pref for disabling SVG is missing }; function torbutton_update_security_slider() { @@ -2233,18 +2224,20 @@ function torbutton_update_security_slider() { let mode = m_tb_prefs.getIntPref("extensions.torbutton.security_slider"); let capValue = m_tb_prefs.getCharPref("capability.policy.maonoscript.sites"); switch (mode) { - case 1: - for (p in torbutton_sec_l_bool_prefs) { - m_tb_prefs.setBoolPref(p, torbutton_sec_l_bool_prefs[p]); - } + case 1: for (p in torbutton_sec_ml_bool_prefs) { - m_tb_prefs.setBoolPref(p, !torbutton_sec_ml_bool_prefs[p]) + m_tb_prefs.setBoolPref(p, torbutton_sec_ml_bool_prefs[p]) } for (p in torbutton_sec_mh_bool_prefs) { - m_tb_prefs.setBoolPref(p, !torbutton_sec_mh_bool_prefs[p]) + m_tb_prefs.setBoolPref(p, torbutton_sec_mh_bool_prefs[p]) + // noscript.globalHttpsWhitelist is special: We don't want it in this + // mode. + if (p === "noscript.globalHttpsWhitelist") { + m_tb_prefs.setBoolPref(p, !torbutton_sec_mh_bool_prefs[p]) + } } for (p in torbutton_sec_h_bool_prefs) { - m_tb_prefs.setBoolPref(p, !torbutton_sec_h_bool_prefs[p]) + m_tb_prefs.setBoolPref(p, torbutton_sec_h_bool_prefs[p]) } // Removing "https:" is needed due to a bug in older Noscript versions. // We leave that in for a while as there may be users that were affected @@ -2254,18 +2247,22 @@ function torbutton_update_security_slider() { m_tb_prefs.setCharPref("capability.policy.maonoscript.sites", capValue.replace(" https:", "")); } - if (m_tb_prefs.getCharPref("general.useragent.locale") !== "ko" || - m_tb_prefs.getCharPref("general.useragent.locale") !== "vi" || - m_tb_prefs.getCharPref("general.useragent.locale") !== "zh-CN") { - m_tb_prefs.setBoolPref("gfx.font_rendering.graphite.enabled", false); - } else { - m_tb_prefs.setBoolPref("gfx.font_rendering.graphite.enabled", true); - } break; case 2: - for (p in torbutton_sec_l_bool_prefs) { - m_tb_prefs.setBoolPref(p, torbutton_sec_l_bool_prefs[p]); + for (p in torbutton_sec_ml_bool_prefs) { + m_tb_prefs.setBoolPref(p, torbutton_sec_ml_bool_prefs[p]) + } + // Order matters here as both the high mode and the medium-high mode + // share some preferences/values. So, let's revert the high mode + // preferences first and set the medium-high mode ones afterwards. + for (p in torbutton_sec_h_bool_prefs) { + m_tb_prefs.setBoolPref(p, !torbutton_sec_h_bool_prefs[p]) + } + for (p in torbutton_sec_mh_bool_prefs) { + m_tb_prefs.setBoolPref(p, torbutton_sec_mh_bool_prefs[p]) } + break; + case 3: for (p in torbutton_sec_ml_bool_prefs) { m_tb_prefs.setBoolPref(p, torbutton_sec_ml_bool_prefs[p]) } @@ -2283,49 +2280,16 @@ function torbutton_update_security_slider() { m_tb_prefs.setCharPref("capability.policy.maonoscript.sites", capValue.replace(" https:", "")); } - if (m_tb_prefs.getCharPref("general.useragent.locale") !== "ko" || - m_tb_prefs.getCharPref("general.useragent.locale") !== "vi" || - m_tb_prefs.getCharPref("general.useragent.locale") !== "zh-CN") { - m_tb_prefs.setBoolPref("gfx.font_rendering.graphite.enabled", false); - } else { - m_tb_prefs.setBoolPref("gfx.font_rendering.graphite.enabled", true); - } - break; - case 3: - for (p in torbutton_sec_l_bool_prefs) { - m_tb_prefs.setBoolPref(p, torbutton_sec_l_bool_prefs[p]); - } - for (p in torbutton_sec_ml_bool_prefs) { - m_tb_prefs.setBoolPref(p, torbutton_sec_ml_bool_prefs[p]) - } - // Order matters here as both the high mode and the medium-high mode - // share some preferences/values. So, let's revert the high mode - // preferences first and set the medium-high mode ones afterwards. - for (p in torbutton_sec_h_bool_prefs) { - m_tb_prefs.setBoolPref(p, !torbutton_sec_h_bool_prefs[p]) - } - for (p in torbutton_sec_mh_bool_prefs) { - m_tb_prefs.setBoolPref(p, torbutton_sec_mh_bool_prefs[p]) - } - m_tb_prefs.setBoolPref("gfx.font_rendering.graphite.enabled", false); break; case 4: - for (p in torbutton_sec_l_bool_prefs) { - m_tb_prefs.setBoolPref(p, torbutton_sec_l_bool_prefs[p]); - } for (p in torbutton_sec_ml_bool_prefs) { - m_tb_prefs.setBoolPref(p, torbutton_sec_ml_bool_prefs[p]) + m_tb_prefs.setBoolPref(p, !torbutton_sec_ml_bool_prefs[p]) } for (p in torbutton_sec_mh_bool_prefs) { - m_tb_prefs.setBoolPref(p, torbutton_sec_mh_bool_prefs[p]) - // noscript.globalHttpsWhitelist is special: We don't want it in this - // mode. - if (p === "noscript.globalHttpsWhitelist") { - m_tb_prefs.setBoolPref(p, !torbutton_sec_mh_bool_prefs[p]) - } + m_tb_prefs.setBoolPref(p, !torbutton_sec_mh_bool_prefs[p]) } for (p in torbutton_sec_h_bool_prefs) { - m_tb_prefs.setBoolPref(p, torbutton_sec_h_bool_prefs[p]) + m_tb_prefs.setBoolPref(p, !torbutton_sec_h_bool_prefs[p]) } // Removing "https:" is needed due to a bug in older Noscript versions. // We leave that in for a while as there may be users that were affected @@ -2335,7 +2299,6 @@ function torbutton_update_security_slider() { m_tb_prefs.setCharPref("capability.policy.maonoscript.sites", capValue.replace(" https:", "")); } - m_tb_prefs.setBoolPref("gfx.font_rendering.graphite.enabled", true); break; } m_tb_sliderUpdate = false; @@ -2348,35 +2311,23 @@ function torbutton_security_slider_custom_check(mode) { let capValue = m_tb_prefs.getCharPref("capability.policy.maonoscript.sites"); switch (mode) { case 1: - for (p in torbutton_sec_l_bool_prefs) { - if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_l_bool_prefs[p]) { - return; - } - } for (p in torbutton_sec_ml_bool_prefs) { - if (m_tb_prefs.getBoolPref(p) === torbutton_sec_ml_bool_prefs[p]) { + if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_ml_bool_prefs[p]) { return; } } for (p in torbutton_sec_mh_bool_prefs) { - if (m_tb_prefs.getBoolPref(p) === torbutton_sec_mh_bool_prefs[p]) { + if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_mh_bool_prefs[p]) { + // We don't want to have the whitelist in high mode. JavaScript is + // disabled globally. + if (p === "noscript.globalHttpsWhitelist") { + continue; + } return; } } for (p in torbutton_sec_h_bool_prefs) { - if (m_tb_prefs.getBoolPref(p) === torbutton_sec_h_bool_prefs[p]) { - return; - } - } - if (m_tb_prefs.getCharPref("general.useragent.locale") !== "ko" || - m_tb_prefs.getCharPref("general.useragent.locale") !== "vi" || - m_tb_prefs.getCharPref("general.useragent.locale") !== "zh-CN") { - - if (m_tb_prefs.getBoolPref("gfx.font_rendering.graphite.enabled")) { - return; - } - } else { - if (!m_tb_prefs.getBoolPref("gfx.font_rendering.graphite.enabled")) { + if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_h_bool_prefs[p]) { return; } } @@ -2385,35 +2336,23 @@ function torbutton_security_slider_custom_check(mode) { m_tb_prefs.setBoolPref("extensions.torbutton.security_custom", false); break; case 2: - for (p in torbutton_sec_l_bool_prefs) { - if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_l_bool_prefs[p]) { - return; - } - } for (p in torbutton_sec_ml_bool_prefs) { if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_ml_bool_prefs[p]) { return; } } for (p in torbutton_sec_mh_bool_prefs) { - if (m_tb_prefs.getBoolPref(p) === torbutton_sec_mh_bool_prefs[p]) { + if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_mh_bool_prefs[p]) { return; } } for (p in torbutton_sec_h_bool_prefs) { if (m_tb_prefs.getBoolPref(p) === torbutton_sec_h_bool_prefs[p]) { - return; - } - } - if (m_tb_prefs.getCharPref("general.useragent.locale") !== "ko" || - m_tb_prefs.getCharPref("general.useragent.locale") !== "vi" || - m_tb_prefs.getCharPref("general.useragent.locale") !== "zh-CN") { - - if (m_tb_prefs.getBoolPref("gfx.font_rendering.graphite.enabled")) { - return; - } - } else { - if (!m_tb_prefs.getBoolPref("gfx.font_rendering.graphite.enabled")) { + // We have the whitelist and JavaScript is disabled in medium-high + // mode as well. + if (p === "noscript.global") { + continue; + } return; } } @@ -2422,67 +2361,41 @@ function torbutton_security_slider_custom_check(mode) { m_tb_prefs.setBoolPref("extensions.torbutton.security_custom", false); break; case 3: - for (p in torbutton_sec_l_bool_prefs) { - if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_l_bool_prefs[p]) { - return; - } - } for (p in torbutton_sec_ml_bool_prefs) { if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_ml_bool_prefs[p]) { return; } } for (p in torbutton_sec_mh_bool_prefs) { - if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_mh_bool_prefs[p]) { + if (m_tb_prefs.getBoolPref(p) === torbutton_sec_mh_bool_prefs[p]) { return; } } for (p in torbutton_sec_h_bool_prefs) { if (m_tb_prefs.getBoolPref(p) === torbutton_sec_h_bool_prefs[p]) { - // We have the whitelist and JavaScript is disabled in medium-high - // mode as well. - if (p === "noscript.global") { - continue; - } return; } } - if (m_tb_prefs.getBoolPref("gfx.font_rendering.graphite.enabled")) { - return; - } // We are still here which means all preferences are properly reset. Leave // custom mode. m_tb_prefs.setBoolPref("extensions.torbutton.security_custom", false); break; case 4: - for (p in torbutton_sec_l_bool_prefs) { - if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_l_bool_prefs[p]) { - return; - } - } for (p in torbutton_sec_ml_bool_prefs) { - if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_ml_bool_prefs[p]) { + if (m_tb_prefs.getBoolPref(p) === torbutton_sec_ml_bool_prefs[p]) { return; } } for (p in torbutton_sec_mh_bool_prefs) { - if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_mh_bool_prefs[p]) { - // We don't want to have the whitelist in high mode. JavaScript is - // disabled globally. - if (p === "noscript.globalHttpsWhitelist") { - continue; - } + if (m_tb_prefs.getBoolPref(p) === torbutton_sec_mh_bool_prefs[p]) { return; } } for (p in torbutton_sec_h_bool_prefs) { - if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_h_bool_prefs[p]) { + if (m_tb_prefs.getBoolPref(p) === torbutton_sec_h_bool_prefs[p]) { return; } } - if (!m_tb_prefs.getBoolPref("gfx.font_rendering.graphite.enabled")) { - return; - } // We are still here which means all preferences are properly reset. Leave // custom mode. m_tb_prefs.setBoolPref("extensions.torbutton.security_custom", false); diff --git a/src/chrome/locale/en/torbutton.dtd b/src/chrome/locale/en/torbutton.dtd index 15ae1e6e..9a67c802 100644 --- a/src/chrome/locale/en/torbutton.dtd +++ b/src/chrome/locale/en/torbutton.dtd @@ -153,8 +153,33 @@ <!ENTITY torbutton.prefs.resist_fingerprinting "Change details that distinguish you from other Tor Browser users"> <!ENTITY torbutton.prefs.sec_caption "Security Level"> <!ENTITY torbutton.prefs.sec_low "Low (default)"> +<!ENTITY torbutton.prefs.sec_low_usable_desc "This provides the most usable experience."> +<!ENTITY torbutton.prefs.sec_low_desc "At this security level, all browser features are enabled."> +<!ENTITY torbutton.prefs.sec_font_rend_svg_tooltip "The SVG OpenType font rendering mechanism is disabled."> <!ENTITY torbutton.prefs.sec_med_low "Medium-Low"> +<!ENTITY torbutton.prefs.sec_gen_desc "At this security level, the following changes apply:"> +<!ENTITY torbutton.prefs.sec_html5_desc "HTML5 video and audio media become click-to-play via NoScript."> +<!ENTITY torbutton.prefs.sec_some_jit_desc "Some JavaScript performance optimizations are disabled."> +<!ENTITY torbutton.prefs.sec_jit_desc_tooltip "ION JIT, Type Inference, ASM.JS."> +<!ENTITY torbutton.prefs.sec_baseline_jit_desc_tooltip "Baseline JIT."> +<!ENTITY torbutton.prefs.sec_jit_slower_desc "Scripts on some sites may run slower."> +<!ENTITY torbutton.prefs.sec_jar_desc "Remote JAR files are blocked."> +<!ENTITY torbutton.prefs.sec_mathml_desc "Some mechanisms of displaying math equations are disabled."> +<!ENTITY torbutton.prefs.sec_mathml_desc_tooltip "MathML is disabled."> <!ENTITY torbutton.prefs.sec_med_high "Medium-High"> +<!ENTITY torbutton.prefs.sec_all_jit_desc "All JavaScript performance optimizations are disabled."> +<!ENTITY torbutton.prefs.sec_font_rend_desc "Some font rendering features are disabled."> +<!ENTITY torbutton.prefs.sec_font_rend_graphite_tooltip "The Graphite font rendering mechanism is disabled."> +<!ENTITY torbutton.prefs.sec_svg_desc "Some types of images are disabled."> +<!ENTITY torbutton.prefs.sec_svg_desc_tooltip "SVG images are disabled."> +<!ENTITY torbutton.prefs.sec_js_https_desc "JavaScript is disabled by default on all non-HTTPS sites."> +<!ENTITY torbutton.prefs.sec_js_desc_tooltip "JavaScript can be enabled on a per-site basis via the NoScript toolbar button."> <!ENTITY torbutton.prefs.sec_high "High"> +<!ENTITY torbutton.prefs.sec_all_js_desc "JavaScript is disabled by default on all sites."> +<!ENTITY torbutton.prefs.sec_audio_video_desc "Most audio and video formats are disabled."> +<!ENTITY torbutton.prefs.sec_audio_video_desc_tooltip "WebM is the only codec that remains enabled."> +<!ENTITY torbutton.prefs.sec_webfonts_desc "Some fonts and icons may display incorrectly."> +<!ENTITY torbutton.prefs.sec_webfonts_desc_tooltip "Website-provided font files are blocked."> <!ENTITY torbutton.prefs.sec_custom "Custom Values"> <!ENTITY torbutton.circuit_display.title "Tor circuit for this site"> + diff --git a/src/chrome/skin/preferences.css b/src/chrome/skin/preferences.css new file mode 100644 index 00000000..2ed18587 --- /dev/null +++ b/src/chrome/skin/preferences.css @@ -0,0 +1,11 @@ +.slider-text-weight { + font-weight: bold; +} + +.slider-text-size { + font-size: 95%; +} + +.b-blue { + color: blue; +} diff --git a/src/defaults/preferences/preferences.js b/src/defaults/preferences/preferences.js index fb1a7022..677447be 100644 --- a/src/defaults/preferences/preferences.js +++ b/src/defaults/preferences/preferences.js @@ -176,7 +176,7 @@ pref("extensions.torbutton.block_disk", true); pref("extensions.torbutton.resist_fingerprinting", true); pref("extensions.torbutton.restrict_thirdparty", true); // Security Slider -pref("extensions.torbutton.security_slider", 1); +pref("extensions.torbutton.security_slider", 4); pref("extensions.torbutton.security_custom", false); // Google Captcha prefs |