summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* fixupbug31660_00Matthew Finkel2020-05-27
|
* fixupMatthew Finkel2020-05-27
|
* fixup!Matthew Finkel2020-05-26
|
* fixup! torbutton branchMatthew Finkel2020-05-26
|
* fixup! urlMatthew Finkel2020-05-26
|
* fixup!Matthew Finkel2020-05-26
|
* fixup!Matthew Finkel2020-05-25
|
* Bug 31660 - Add What's New onboarding itemMatthew Finkel2020-05-19
|
* fixup! Pick up latest Torbutton codeMatthew Finkel2020-05-18
|
* Merge remote-tracking branch 'acatgh/34196+2' into tor-browser-68.8.0esr-9.5-1Matthew Finkel2020-05-18
|\
| * fixup! Bug 34196: Update site info URL with the onion nameAlex Catarineu2020-05-15
| |
* | (ESR68) Bug 1511941 - Don't expose PerformanceNavigationTiming in RFP modesanketh2020-05-15
|/ | | | | | | | | | | | | | | | In RFP mode, we do not support PerformanceNavigationTiming, so don't expose it. In particular, window.PerformanceNavigationTiming should return undefined. Added a new method PerformanceNavigationTiming::Enabled which when used with the WebIDL Func attribute allows us to toggle whether window.PerformanceNavigationTiming is exposed. Created dom/tests/mochitest/general/test_toggling_performance_navigation_timing.html to test whether the toggling works. Updated browser/components/resistfingerprinting/test/browser/browser_performanceAPI.js to create a new window each time privacy.resistFingerprinting is flipped so this behavior does not leak into other tests.
* Merge remote-tracking branch 'acatgh/34196+1' into tor-browser-68.8.0esr-9.5-1Matthew Finkel2020-05-14
|\
| * Bug 34196: Update site info URL with the onion nameAlex Catarineu2020-05-13
|/
* fixup! Pick up latest Torbutton codeMatthew Finkel2020-05-02
|
* Bug 32418: Allow updates to be disabled via an enterprise policy.Kathy Brade2020-05-02
| | | | | | | | | | | | | | | | | Restrict the Enterprise Policies mechanism to only consult a policies.json file (avoiding the Windows Registry and macOS's file system attributes). Add a few disabledByPolicy() checks to the update service to avoid extraneous (and potentially confusing) log messages when updates are disabled by policy. Sample content for distribution/policies.json: { "policies": { "DisableAppUpdate": true } }
* Revert "Bug 30575: Don't allow enterprise policies in Tor Browser"Kathy Brade2020-05-02
| | | | This reverts commit d362cff17d44a82534ea553cbf50fa76906cc218.
* Bug 28005: Implement .onion alias urlbar rewritesAlex Catarineu2020-05-02
| | | | | | | | | | A custom HTTPS Everywhere update channel is installed, which provides rules for locally redirecting some memorable .tor.onion URLs to non-memorable .onion URLs. When these redirects occur, we also rewrite the URL in the urlbar to display the human-memorable hostname instead of the actual .onion.
* Bug 21952: Implement Onion-LocationAlex Catarineu2020-05-02
| | | | | | | Whenever a valid Onion-Location HTTP header (or corresponding HTML <meta> http-equiv attribute) is found in a document load, we either redirect to it (if the user opted-in via preference) or notify the presence of an onionsite alternative with a badge in the urlbar.
* Bug 33342: Avoid disconnect search addon error after removal.Alex Catarineu2020-05-02
| | | | | | We removed the addon in #32767, but it was still being loaded from addonStartup.json.lz4 and throwing an error on startup because its resource: location is not available anymore.
* Bug 32493: Disable MOZ_SERVICES_HEALTHREPORTNicolas Vigier2020-05-02
|
* Bug 32658: Create a new MAR signing keyGeorg Koppen2020-05-02
| | | | | It's time for our rotation again: Move the backup key in the front position and add a new backup key.
* Revert "Bug 31764: Fix for error when navigating via 'Paste and go'"Nicolas Vigier2020-05-02
| | | | | | This reverts commit 59d89229b68f8fbaa46e910a9bd03a6b26e8403e. With #32470 we backported Mozilla's fix for this issue.
* Bug 1590538 - Don't pass an empty object to urlbar-user-start-navigation ↵Marco Bonardo2020-05-02
| | | | | | | | | because it doesn't handle it properly. r=Standard8 Differential Revision: https://phabricator.services.mozilla.com/D50634 --HG-- extra : moz-landing-system : lando
* Bug 32414: Make Services.search.addEngine obey FPIAlex Catarineu2020-05-02
|
* Bug 461204 - Improve the random number generator for the boundaries in ↵Alex Catarineu2020-05-02
| | | | | | | | | | | | | | | | | | | multipart/form-data r=smaug Using a weak RNG for the form boundary allows a website operator to perform several attacks on users (as outlined in https://trac.torproject.org/projects/tor/ticket/22919) These include: - Identifying Windows users based on the unseeded RNG - Identify the number of form submissions that have occurred cross-origin between same-origin submissions Additionally, a predictable boundary makes it possible to forge a boundary in the middle of a file upload. Differential Revision: https://phabricator.services.mozilla.com/D56056 --HG-- extra : moz-landing-system : lando
* Bug 30237: Add v3 onion services client authentication promptKathy Brade2020-05-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When Tor informs the browser that client authentication is needed, temporarily load about:blank instead of about:neterror and prompt for the user's key. If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD control port command to add the key (via Torbutton's control port module) and reload the page. If the user cancels the prompt, display the standard about:neterror "Unable to connect" page. This requires a small change to browser/actors/NetErrorChild.jsm to account for the fact that the docShell no longer has the failedChannel information. The failedChannel is used to extract TLS-related error info, which is not applicable in the case of a canceled .onion authentication prompt. Add a leaveOpen option to PopupNotifications.show so we can display error messages within the popup notification doorhanger without closing the prompt. Add support for onion services strings to the TorStrings module. Add support for Tor extended SOCKS errors (Tor proposal 304) to the socket transport and SOCKS layers. Improved display of all of these errors will be implemented as part of bug 30025. squash! Bug 30237: Add v3 onion services client authentication prompt Also fixes bug 19757: Add a "Remember this key" checkbox to the client auth prompt. Add an "Onion Services Authentication" section within the about:preferences "Privacy & Security section" to allow viewing and removal of v3 onion client auth keys that have been stored on disk. squash! Bug 30237: Add v3 onion services client authentication prompt Also fixes bug 19251: use enhanced error pages for onion service errors.
* Bug 1590526 - Temporarily allow node adoption across different docGroups for ↵Sean Feng2020-05-02
| | | | | | | | | | | | | the content/content case r=smaug,zombie a=pascalc As web extensions rely on this node adoption between content to content documents, we want to continue allowing this capability to work for now. Differential Revision: https://phabricator.services.mozilla.com/D50348 --HG-- extra : source : 78c33df33145bd63cd303264734d0b7d85151908 extra : histedit_source : 280627c1dba1ad7b8d82f5a315b5c2170bf3167b
* Bug 1467970 - Unsupport cross docGroup adoption r=smaugSean Feng2020-05-02
| | | | | | | Differential Revision: https://phabricator.services.mozilla.com/D43135 --HG-- extra : moz-landing-system : lando
* Bug #32405: Crash immediately after bootstrap on Androidsisbell2020-05-02
|
* Bug 1554805 - Never set firstPartyDomain on origin attributes for ↵Johann Hofmann2020-05-02
| | | | | | | | | moz-extension. r=rpl,Ehsan,tjr Differential Revision: https://phabricator.services.mozilla.com/D47425 --HG-- extra : moz-landing-system : lando
* Bug 1598647 - Set Origin to null with network.http.referer.hideOnionSource ↵Alex Catarineu2020-05-02
| | | | | | | | | r=JuniorHsu Differential Revision: https://phabricator.services.mozilla.com/D54303 --HG-- extra : moz-landing-system : lando
* Bug 31573: Catch SessionStore.jsm exceptionGeorg Koppen2020-05-02
| | | | This is a backport of the fix for Mozilla's bug 1591259.
* Bug 32220: Improve the letterboxing experienceRichard Pospesel2020-05-02
| | | | | | | | | | | | | CSS and JS changes to alter the UX surrounding letterboxing. The browser element containing page content is now anchored to the bottom of the toolbar, and the remaining letterbox margin is the same color as the firefox chrome. The letterbox margin and border are tied to the currently selected theme. Also adds a 'needsLetterbox' property to tabbrowser.xml to fix a race condition present when using the 'isEmpty' property. Using 'isEmpty' as a proxy for 'needsLetterbox' resulted in over-zealous/unnecessary letterboxing of about:blank tabs.
* Bug 1581537 - Avoid several browser language leaks r=smaugAlex Catarineu2020-05-02
| | | | | | | | | | Spoof dom/dom.properties, layout/xmlparser.properties, layout/MediaDocument.properties to en-US if needed. Differential Revision: https://phabricator.services.mozilla.com/D46034 --HG-- extra : moz-landing-system : lando
* Bug 1556017 - Fixing the off-by-one-pixel issue of find bar and devtool ↵Tim Huang2020-05-02
| | | | | | | | | | | | | | | | | | | | | iframe for Letterboxing. r=johannh This patch fixes the off-by-one-pixel issue of Letterboxing. For FindBar, it will be created when the user requests it and will be hidden if the user close it after that. The problem of the original approach is that it only observes the existance of the FindBar element but not the fact that whether or not it is visible. So, it will miscalculate the offset of FindBar after it has been created and closed. For devtools, the original approach adds one pixel offset for the separator. However, this one pixel offset is not required since there is no extra separator outside the devtools iframe. So, we don't need that and this patch removes this one pixel for the devtools. Differential Revision: https://phabricator.services.mozilla.com/D34156 --HG-- extra : moz-landing-system : lando
* Bug 1546832 - Adjust letterboxing to take the FindBar and Devtools into ↵Tom Ritter2020-05-02
| | | | | | | | | account r=johannh Differential Revision: https://phabricator.services.mozilla.com/D31639 --HG-- extra : moz-landing-system : lando
* Bug 1534339 - make OriginAttributes deserializable; r=bakuLiang-Heng Chen2020-05-02
| | | | | | | | | | `CreateSuffix` is irreversible by `PopulateFromSuffix` because it uses a multi-to-one mapping. Since only ':' will happen in a IPv6 format, we can make it a 1-to-1 mapping so that the `firstPartyDomain` is consistent after `CreateSuffix` and `PopulateFromSuffix`. Differential Revision: https://phabricator.services.mozilla.com/D47910 --HG-- extra : moz-landing-system : lando
* Bug 27604: Fix addon issues when moving TB directoryAlex Catarineu2020-05-02
|
* Bug 31658: Changed the 'SECURITY LEVEL' text color to builtin ↵Richard Pospesel2020-05-02
| | | | --panel-disabled-color
* Bug 32188: Change useLocalProxy string to tor-launcher's ↵Richard Pospesel2020-05-02
| | | | torsettings.useProxy.checkbox in TorStrings.jsm
* Bug 31764: Fix for error when navigating via 'Paste and go'Richard Pospesel2020-05-02
| | | | | | | | | | | | | | | | | | | | | | | | | | The onURLBarUserStartNavigation callback expects an object from the UrlBarInput with information about how a URL was navigated to. This specifically helps to deal with the various buttons and links in the UrlBar dropdown (search engines, bookmarks, suggestions, etc). However, when using 'Paste and go' this data is not present nor relevant and an empty object {} is provided instead. This also happens if the user types the 'verbose url' (for example: https://www.example.com rather than www.example.com), navigates away from the urlbar thus dismissing the dropdown, then navigating back to the urlbar and hitting enter. Pasting the less 'verbose url' causes the code to go down another path which attempts to resolve the actual url before attempting to call _loadURL with a null result object, rather than an empty {} result object. In this scenario no exception is thrown. This patch explicitly passes null rather than implicitly passing {} to _loadURL when a resolved 'verbose' url is entered into the UrlBar via 'Paste and go' (as well as the previously described type -> dismiss popup -> enter flow).
* Bug 31803: Replaced about:debugging logo with flat versionRichard Pospesel2020-05-02
|
* Bug 1585351 - Bug 1460357 disabled AVX instructions for the mingw build; ↵Tom Ritter2020-05-02
| | | | | | | | | | | | this is no longer needed r=lsalzman Bug 1460357 disabled AVX because gcc was generating unaligned instructions. But clang doesn't seem to do that. Differential Revision: https://phabricator.services.mozilla.com/D48072 --HG-- extra : moz-landing-system : lando
* Bug 26529 - Prompt before opening external appMatthew Finkel2020-05-02
|
* Bug 31144 - Do not switching apps from CustomTabs without consentMatthew Finkel2020-05-02
|
* Bug 31740: Remove some unnecessary RemoteSettings instancesAlex Catarineu2020-05-02
| | | | | More concretely, SearchService.jsm 'hijack-blocklists' and url-classifier-skip-urls.
* Bug 32111: Fixed issue parsing user-provided brige stringsRichard Pospesel2020-05-02
| | | | | | Fixed parseBridgeStrings function in parseFunctions.jsm to now discard 'bridge' string prefix in user-provided bridge strings. Also now properly handling carriage returns ('\r') in bridge strings.
* Bug 31749: Fix security level panel spawning eventsRichard Pospesel2020-05-02
| | | | | | | Fixed logic for when the Security Level panel is spawned based on input to mirror behavior of Downloads, Library and Hamburger menus. The panel now spawns on left-mouse button down, and on keyboard activation when user presses 'space' or 'enter'.
* Bug 31920: Fix Security Level panel when its toolbar button moves to overflowRichard Pospesel2020-05-02
| | | | | | | | | | | | | | | Simply removed the 'clever' caching of the underlying toolbar button element. Now, each time the button is needed it is queried from the underlying document. A correct, but more complicated, fix would be to determine when the toolbar button had been moved to the overflow menu and then update our cached reference. However, this would be super brittle and would break once another way to move the toolbar button is added in the future. In the end, caching something so infrequently queried is not worth the complexity.
generated by cgit v1.2.1 (git 2.18.0) at 2024-02-02 12:15:05 +0000