tbb-commits October 2023

tbb-commits@lists.torproject.org

1 participants
161 discussions

[Git][tpo/applications/tor-browser][tor-browser-115.3.1esr-13.0-1] 2 commits: fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in...
by Pier Angelo Vendrame (＠pierov) 05 Oct '23

05 Oct '23

Pier Angelo Vendrame pushed to branch tor-browser-115.3.1esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 6fe8a2bf by Pier Angelo Vendrame at 2023-10-05T18:54:20+02:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 42155: Drop the unused code for the old bridge removal warning - - - - - 8ec6aad8 by Pier Angelo Vendrame at 2023-10-05T18:54:22+02:00 fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection Bug 41974: Update the rule for de-emphasized text in bridge addresses - - - - - 2 changed files: - browser/components/torpreferences/content/connectionPane.js - browser/components/torpreferences/content/torPreferences.css Changes: ===================================== browser/components/torpreferences/content/connectionPane.js ===================================== @@ -125,13 +125,6 @@ const gConnectionPane = (function () { requestButton: "#torPreferences-addBridge-buttonRequestBridge", enterLabel: "#torPreferences-addBridge-labelEnterBridge", enterButton: "#torPreferences-addBridge-buttonEnterBridge", - removeOverlay: "#bridge-remove-overlay", - removeModal: "#bridge-remove-modal", - removeDismiss: "#bridge-remove-dismiss", - removeQuestion: "#bridge-remove-question", - removeWarning: "#bridge-remove-warning", - removeConfirm: "#bridge-remove-confirm", - removeCancel: "#bridge-remove-cancel", }, advanced: { header: "h1#torPreferences-advanced-header", ===================================== browser/components/torpreferences/content/torPreferences.css ===================================== @@ -332,7 +332,7 @@ input.torPreferences-bridgeCard-addr { width: 100%; - color: var(--in-content-deemphasized-text); + color: var(--text-color-deemphasized); } .torPreferences-bridgeCard-leranMoreBox { @@ -511,94 +511,3 @@ textarea#torPreferences-torDialog-textarea { /* 10 lines */ min-height: 20em; } - -/* Bridge remove overlay */ -#bridge-remove-overlay { - position: fixed; - display: flex; - align-items: center; - justify-content: center; - top: 0; - inset: 0; - width: 100%; - height: 100%; - z-index: 1; - background-color: rgba(0, 0, 0, 0.5); -} - -#bridge-remove-overlay.hidden { - display: none; -} - -#bridge-remove-modal { - position: relative; - min-width: 250px; - max-width: 500px; - min-height: 200px; - z-index: 2; - text-align: center; - background: var(--in-content-page-background); - box-shadow: var(--shadow-30); -} - -#bridge-remove-dismiss { - position: absolute; - top: 16px; - inset-inline-end: 16px; - width: 16px; - height: 16px; - fill: currentColor; - -moz-context-properties: fill; -} - -#bridge-remove-dismiss:hover { - background-color: var(--in-content-button-background-hover); - color: var(--in-content-button-text-color-hover); - border: 1px solid var(--in-content-button-border-color-hover); - border-radius: 4px; -} - -#bridge-remove-dismiss:hover:active { - background-color: var(--in-content-button-background-active); -} - -#bridge-remove-icon { - width: 40px; - height: 40px; - background-image: url("chrome://global/skin/icons/warning.svg"); - background-size: 40px; - margin: 16px auto; - fill: currentColor; - -moz-context-properties: fill; -} - -#bridge-remove-question { - font-size: 150%; -} - -#bridge-remove-warning { - color: var(--in-content-deemphasized-text); -} - -#bridge-remove-buttonbar { - padding: 16px 32px; -} - -#bridge-remove-buttonbar button { - min-width: 140px; -} - -#bridge-remove-confirm { - background: var(--in-content-danger-button-background); - color: var(--in-content-primary-button-text-color); -} - -#bridge-remove-confirm:hover { - background: var(--in-content-danger-button-background-hover); - color: var(--in-content-primary-button-text-color-hover); - border-color: var(--in-content-primary-button-border-hover); -} - -#bridge-remove-confirm:hover:active { - background: var(--in-content-danger-button-background-active); -} View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/c62d34… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/c62d34… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.3.1esr-13.0-1] fixup! Bug 40926: Implemented the New Identity feature
by ma1 (＠ma1) 05 Oct '23

05 Oct '23

ma1 pushed to branch tor-browser-115.3.1esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: c62d3405 by hackademix at 2023-10-05T17:34:00+02:00 fixup! Bug 40926: Implemented the New Identity feature Bug 41765: Force about:privatebrowsing in new identity window. - - - - - 2 changed files: - browser/base/content/browser.js - browser/components/newidentity/content/newidentity.js Changes: ===================================== browser/base/content/browser.js ===================================== @@ -4585,7 +4585,7 @@ function OpenBrowserWindow(options) { var extraFeatures = ""; if (options && options.private && PrivateBrowsingUtils.enabled) { extraFeatures = ",private"; - if (!PrivateBrowsingUtils.permanentPrivateBrowsing) { + if (!PrivateBrowsingUtils.permanentPrivateBrowsing || options.private === "no-home") { // Force the new window to load about:privatebrowsing instead of the default home page defaultArgs = "about:privatebrowsing"; } ===================================== browser/components/newidentity/content/newidentity.js ===================================== @@ -433,11 +433,8 @@ XPCOMUtils.defineLazyGetter(this, "NewIdentityButton", () => { openNewWindow() { logger.info("Opening a new window"); return new Promise(resolve => { - // Open a new window with the default homepage - // We could pass {private: true} but we do not because we enforce - // browser.privatebrowsing.autostart = true. - // What about users that change settings? - const win = OpenBrowserWindow(); + // Open a new window forcing the about:privatebrowsing page (tor-browser#41765) + const win = OpenBrowserWindow({private: "no-home"}); // This mechanism to know when the new window is ready is used by // OpenBrowserWindow itself (see its definition in browser.js). win.addEventListener("MozAfterPaint", () => resolve(), { once: true }); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/c62d340… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/c62d340… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.3.1esr-13.0-1] fixup! Firefox preference overrides.
by Pier Angelo Vendrame (＠pierov) 05 Oct '23

05 Oct '23

Pier Angelo Vendrame pushed to branch tor-browser-115.3.1esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 251bec3a by Pier Angelo Vendrame at 2023-10-05T14:36:34+02:00 fixup! Firefox preference overrides. Bug 41576: Make sure weather and addon suggestions stay off. Better to set them already for the next ESR. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -143,6 +143,12 @@ pref("browser.search.suggest.enabled.private", false); pref("browser.urlbar.suggest.searches", false); pref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); pref("browser.urlbar.suggest.quicksuggest.sponsored", false); +// tor-browser#41576: Do not suggest weather and addons. +pref("browser.urlbar.suggest.addons", false); +pref("browser.urlbar.addons.featureGate", false); +pref("browser.urlbar.suggest.weather", false); +pref("browser.urlbar.weather.featureGate", false); +// tor-browser#41691: Hide "Firefox Suggets" in the UI pref("browser.urlbar.groupLabels.enabled", false); pref("browser.safebrowsing.malware.enabled", false); pref("browser.safebrowsing.phishing.enabled", false); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/251bec3… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/251bec3… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.0] Bug 40940: Change position of the `install|portable` in the windows filenames
by Pier Angelo Vendrame (＠pierov) 05 Oct '23

05 Oct '23

Pier Angelo Vendrame pushed to branch maint-13.0 at The Tor Project / Applications / tor-browser-build Commits: b4f9a5fd by Nicolas Vigier at 2023-10-05T09:10:41+02:00 Bug 40940: Change position of the `install|portable` in the windows filenames This is also fixing the download-windows-*.json files, which were missing since the filename change (for now, we only includ the `portable` build). - - - - - 2 changed files: - projects/browser/build - tools/update-responses/update_responses Changes: ===================================== projects/browser/build ===================================== @@ -400,11 +400,11 @@ cd $distdir makensis browser-portable.nsi # Working around NSIS braindamage python3 $rootdir/pe_checksum_fix.py browser-install.exe - mv browser-install.exe $OUTDIR/[% c("var/project-name") %]-portable-[% c("var/osname") %]-[% c("var/torbrowser_version") %].exe + mv browser-install.exe $OUTDIR/[% c("var/project-name") %]-[% c("var/osname") %]-portable-[% c("var/torbrowser_version") %].exe [% IF c('var/mullvad-browser') -%] makensis browser-system.nsi python3 $rootdir/pe_checksum_fix.py browser-install.exe - mv browser-install.exe $OUTDIR/[% c("var/project-name") %]-install-[% c("var/osname") %]-[% c("var/torbrowser_version") %].exe + mv browser-install.exe $OUTDIR/[% c("var/project-name") %]-[% c("var/osname") %]-install-[% c("var/torbrowser_version") %].exe [% END -%] popd [% END %] ===================================== tools/update-responses/update_responses ===================================== @@ -138,9 +138,9 @@ sub get_version_downloads { $os = 'macos'; } elsif ($file =~ m/^$config->{appname_bundle}-(linux-i686|linux-x86_64)-${version}.tar.xz$/) { $os = $1; - } elsif ($file =~ m/^$config->{appname_bundle}-windows-x86_64-${version}.exe$/) { + } elsif ($file =~ m/^$config->{appname_bundle}-windows-x86_64-portable-${version}.exe$/) { $os = 'win64'; - } elsif ($file =~ m/^$config->{appname_bundle}-windows-i686-${version}.exe$/) { + } elsif ($file =~ m/^$config->{appname_bundle}-windows-i686-portable-${version}.exe$/) { $os = 'win32'; } else { next; @@ -167,7 +167,7 @@ sub get_perplatform_downloads { $os = 'macos'; } elsif ($file =~ m/^$config->{appname_bundle}-(linux-i686|linux-86_64)-${version}.tar.xz$/) { $os = $1; - } elsif ($file =~ m/^$config->{appname_bundle}-(windows-i686|windows-86_64)-${version}.exe$/) { + } elsif ($file =~ m/^$config->{appname_bundle}-(windows-i686|windows-86_64)-portable-${version}.exe$/) { $os = $1; } elsif ($file =~ m/^$config->{appname_bundle}-(android-armv7|android-x86|android-x86_64|android-aarch64)-${version}.apk$/) { $os = $1; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 40940: Change position of the `install|portable` in the windows filenames
by boklm (＠boklm) 05 Oct '23

05 Oct '23

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: b4f9a5fd by Nicolas Vigier at 2023-10-05T09:10:41+02:00 Bug 40940: Change position of the `install|portable` in the windows filenames This is also fixing the download-windows-*.json files, which were missing since the filename change (for now, we only includ the `portable` build). - - - - - 2 changed files: - projects/browser/build - tools/update-responses/update_responses Changes: ===================================== projects/browser/build ===================================== @@ -400,11 +400,11 @@ cd $distdir makensis browser-portable.nsi # Working around NSIS braindamage python3 $rootdir/pe_checksum_fix.py browser-install.exe - mv browser-install.exe $OUTDIR/[% c("var/project-name") %]-portable-[% c("var/osname") %]-[% c("var/torbrowser_version") %].exe + mv browser-install.exe $OUTDIR/[% c("var/project-name") %]-[% c("var/osname") %]-portable-[% c("var/torbrowser_version") %].exe [% IF c('var/mullvad-browser') -%] makensis browser-system.nsi python3 $rootdir/pe_checksum_fix.py browser-install.exe - mv browser-install.exe $OUTDIR/[% c("var/project-name") %]-install-[% c("var/osname") %]-[% c("var/torbrowser_version") %].exe + mv browser-install.exe $OUTDIR/[% c("var/project-name") %]-[% c("var/osname") %]-install-[% c("var/torbrowser_version") %].exe [% END -%] popd [% END %] ===================================== tools/update-responses/update_responses ===================================== @@ -138,9 +138,9 @@ sub get_version_downloads { $os = 'macos'; } elsif ($file =~ m/^$config->{appname_bundle}-(linux-i686|linux-x86_64)-${version}.tar.xz$/) { $os = $1; - } elsif ($file =~ m/^$config->{appname_bundle}-windows-x86_64-${version}.exe$/) { + } elsif ($file =~ m/^$config->{appname_bundle}-windows-x86_64-portable-${version}.exe$/) { $os = 'win64'; - } elsif ($file =~ m/^$config->{appname_bundle}-windows-i686-${version}.exe$/) { + } elsif ($file =~ m/^$config->{appname_bundle}-windows-i686-portable-${version}.exe$/) { $os = 'win32'; } else { next; @@ -167,7 +167,7 @@ sub get_perplatform_downloads { $os = 'macos'; } elsif ($file =~ m/^$config->{appname_bundle}-(linux-i686|linux-86_64)-${version}.tar.xz$/) { $os = $1; - } elsif ($file =~ m/^$config->{appname_bundle}-(windows-i686|windows-86_64)-${version}.exe$/) { + } elsif ($file =~ m/^$config->{appname_bundle}-(windows-i686|windows-86_64)-portable-${version}.exe$/) { $os = $1; } elsif ($file =~ m/^$config->{appname_bundle}-(android-armv7|android-x86|android-x86_64|android-aarch64)-${version}.apk$/) { $os = $1; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.3.1esr-13.0-1] fixup! Firefox preference overrides.
by Pier Angelo Vendrame (＠pierov) 05 Oct '23

05 Oct '23

Pier Angelo Vendrame pushed to branch mullvad-browser-115.3.1esr-13.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 191e2c63 by Pier Angelo Vendrame at 2023-10-05T08:55:16+02:00 fixup! Firefox preference overrides. Bug 41496 (part 2): Pref review for 115/13.0. Added a couple of prefs that were suggested in the issue and I initially missed. Bug 42147: Add browser.helperApps.deleteTempFileOnExit to our profile - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -60,6 +60,11 @@ pref("browser.download.useDownloadDir", false); pref("browser.download.always_ask_before_handling_new_types", true); pref("browser.download.manager.addToRecentDocs", false); pref("browser.download.start_downloads_in_tmp_dir", true); +// tor-browser#42147: Always delete temporary files, also on macOS (this pref is +// already true for other platforms). +// Also, this always happens in PBM. If not in PBM, requires +// browser.download.start_downloads_in_tmp_dir to be true too. +pref("browser.helperApps.deleteTempFileOnExit", true); // Prevent download stuffing / DOS (tor-browser#41764) pref("browser.download.enable_spam_prevention", true); @@ -74,7 +79,7 @@ pref("signon.autofillForms", false, locked); pref("browser.sessionstore.privacy_level", 2); // Use the in-memory media cache and increase its maximum size (#29120) pref("browser.privatebrowsing.forceMediaMemoryCache", true); -pref("media.memory_cache_max_size", 16384); +pref("media.memory_cache_max_size", 65536); // Disable restore in case of crash (tor-browser#41503) // This should not be needed in PBM, but we added it anyway like other options. pref("browser.sessionstore.resume_from_crash", false); @@ -182,6 +187,8 @@ pref("default-browser-agent.enabled", false); #endif // Disable sync by default pref("identity.fxaccounts.enabled", false); +// Blank the sync URL as a defense in depth (added with tor-browser#41496) +pref("identity.sync.tokenserver.uri", ""); // Never sync with other browsers pref("services.sync.engine.addons", false); pref("services.sync.engine.addresses", false); @@ -373,6 +380,9 @@ pref("dom.textMetrics.fontBoundingBox.enabled", false); pref("pdfjs.enableScripting", false); // Bug 40057: Ensure system colors are not used for CSS4 colors pref("browser.display.use_system_colors", false); +// Enforce non-native widget theme (true by default, defense in depth). +// Provides a uniform look and feel across platforms. Added with tor-browser#41496. +pref("widget.non-native-theme.enabled", true); // tor-browser#41943: lock and revisit after it gets flipped to true in stable Firefox pref("javascript.options.spectre.disable_for_isolated_content", false, locked); @@ -517,6 +527,12 @@ pref("network.process.enabled", false); // Extension support pref("extensions.autoDisableScopes", 0); +// Only load extensions from the application and user profile. +// Do not load from the user directory (AddonManager.SCOPE_USER=2, which is +// shared between profiles, e.g., %appdata%\Mozilla\Extensions\ on Windows, or +// ~/.mozilla/extensions on Linux for Firefox), and do not load from system +// directories/the Windows registry (AddonManager.SCOPE_SYSTEM=8). +// More information: https://archive.ph/DYjAM pref("extensions.enabledScopes", 5); // AddonManager.SCOPE_PROFILE=1 | AddonManager.SCOPE_APPLICATION=4 // We don't know what extensions Mozilla is advertising to our users and we // don't want to have some random Google Analytics script running either on the View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/191… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/191… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.3.1esr-13.0-1] fixup! Firefox preference overrides.
by Pier Angelo Vendrame (＠pierov) 05 Oct '23

05 Oct '23

Pier Angelo Vendrame pushed to branch base-browser-115.3.1esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 6063cd9b by Pier Angelo Vendrame at 2023-10-05T08:54:46+02:00 fixup! Firefox preference overrides. Bug 41496 (part 2): Pref review for 115/13.0. Added a couple of prefs that were suggested in the issue and I initially missed. Bug 42147: Add browser.helperApps.deleteTempFileOnExit to our profile - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -60,6 +60,11 @@ pref("browser.download.useDownloadDir", false); pref("browser.download.always_ask_before_handling_new_types", true); pref("browser.download.manager.addToRecentDocs", false); pref("browser.download.start_downloads_in_tmp_dir", true); +// tor-browser#42147: Always delete temporary files, also on macOS (this pref is +// already true for other platforms). +// Also, this always happens in PBM. If not in PBM, requires +// browser.download.start_downloads_in_tmp_dir to be true too. +pref("browser.helperApps.deleteTempFileOnExit", true); // Prevent download stuffing / DOS (tor-browser#41764) pref("browser.download.enable_spam_prevention", true); @@ -74,7 +79,7 @@ pref("signon.autofillForms", false); pref("browser.sessionstore.privacy_level", 2); // Use the in-memory media cache and increase its maximum size (#29120) pref("browser.privatebrowsing.forceMediaMemoryCache", true); -pref("media.memory_cache_max_size", 16384); +pref("media.memory_cache_max_size", 65536); // Disable restore in case of crash (tor-browser#41503) // This should not be needed in PBM, but we added it anyway like other options. pref("browser.sessionstore.resume_from_crash", false); @@ -182,6 +187,8 @@ pref("default-browser-agent.enabled", false); #endif // Disable sync by default pref("identity.fxaccounts.enabled", false); +// Blank the sync URL as a defense in depth (added with tor-browser#41496) +pref("identity.sync.tokenserver.uri", ""); // Never sync with other browsers pref("services.sync.engine.addons", false); pref("services.sync.engine.addresses", false); @@ -374,6 +381,9 @@ pref("dom.textMetrics.fontBoundingBox.enabled", false); pref("pdfjs.enableScripting", false); // Bug 40057: Ensure system colors are not used for CSS4 colors pref("browser.display.use_system_colors", false); +// Enforce non-native widget theme (true by default, defense in depth). +// Provides a uniform look and feel across platforms. Added with tor-browser#41496. +pref("widget.non-native-theme.enabled", true); // tor-browser#41943: lock and revisit after it gets flipped to true in stable Firefox pref("javascript.options.spectre.disable_for_isolated_content", false, locked); @@ -519,6 +529,12 @@ pref("network.process.enabled", false); // Extension support pref("extensions.autoDisableScopes", 0); +// Only load extensions from the application and user profile. +// Do not load from the user directory (AddonManager.SCOPE_USER=2, which is +// shared between profiles, e.g., %appdata%\Mozilla\Extensions\ on Windows, or +// ~/.mozilla/extensions on Linux for Firefox), and do not load from system +// directories/the Windows registry (AddonManager.SCOPE_SYSTEM=8). +// More information: https://archive.ph/DYjAM pref("extensions.enabledScopes", 5); // AddonManager.SCOPE_PROFILE=1 | AddonManager.SCOPE_APPLICATION=4 // We don't know what extensions Mozilla is advertising to our users and we // don't want to have some random Google Analytics script running either on the View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/6063cd9… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/6063cd9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.3.1esr-13.0-1] fixup! Firefox preference overrides.
by Pier Angelo Vendrame (＠pierov) 05 Oct '23

05 Oct '23

Pier Angelo Vendrame pushed to branch tor-browser-115.3.1esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: d7fc2de8 by Pier Angelo Vendrame at 2023-10-05T08:48:34+02:00 fixup! Firefox preference overrides. Bug 41496 (part 2): Pref review for 115/13.0. Added a couple of prefs that were suggested in the issue and I initially missed. Bug 42147: Add browser.helperApps.deleteTempFileOnExit to our profile - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -60,6 +60,11 @@ pref("browser.download.useDownloadDir", false); pref("browser.download.always_ask_before_handling_new_types", true); pref("browser.download.manager.addToRecentDocs", false); pref("browser.download.start_downloads_in_tmp_dir", true); +// tor-browser#42147: Always delete temporary files, also on macOS (this pref is +// already true for other platforms). +// Also, this always happens in PBM. If not in PBM, requires +// browser.download.start_downloads_in_tmp_dir to be true too. +pref("browser.helperApps.deleteTempFileOnExit", true); // Prevent download stuffing / DOS (tor-browser#41764) pref("browser.download.enable_spam_prevention", true); @@ -74,7 +79,7 @@ pref("signon.autofillForms", false); pref("browser.sessionstore.privacy_level", 2); // Use the in-memory media cache and increase its maximum size (#29120) pref("browser.privatebrowsing.forceMediaMemoryCache", true); -pref("media.memory_cache_max_size", 16384); +pref("media.memory_cache_max_size", 65536); // Disable restore in case of crash (tor-browser#41503) // This should not be needed in PBM, but we added it anyway like other options. pref("browser.sessionstore.resume_from_crash", false); @@ -182,6 +187,8 @@ pref("default-browser-agent.enabled", false); #endif // Disable sync by default pref("identity.fxaccounts.enabled", false); +// Blank the sync URL as a defense in depth (added with tor-browser#41496) +pref("identity.sync.tokenserver.uri", ""); // Never sync with other browsers pref("services.sync.engine.addons", false); pref("services.sync.engine.addresses", false); @@ -374,6 +381,9 @@ pref("dom.textMetrics.fontBoundingBox.enabled", false); pref("pdfjs.enableScripting", false); // Bug 40057: Ensure system colors are not used for CSS4 colors pref("browser.display.use_system_colors", false); +// Enforce non-native widget theme (true by default, defense in depth). +// Provides a uniform look and feel across platforms. Added with tor-browser#41496. +pref("widget.non-native-theme.enabled", true); // tor-browser#41943: lock and revisit after it gets flipped to true in stable Firefox pref("javascript.options.spectre.disable_for_isolated_content", false, locked); @@ -519,6 +529,12 @@ pref("network.process.enabled", false); // Extension support pref("extensions.autoDisableScopes", 0); +// Only load extensions from the application and user profile. +// Do not load from the user directory (AddonManager.SCOPE_USER=2, which is +// shared between profiles, e.g., %appdata%\Mozilla\Extensions\ on Windows, or +// ~/.mozilla/extensions on Linux for Firefox), and do not load from system +// directories/the Windows registry (AddonManager.SCOPE_SYSTEM=8). +// More information: https://archive.ph/DYjAM pref("extensions.enabledScopes", 5); // AddonManager.SCOPE_PROFILE=1 | AddonManager.SCOPE_APPLICATION=4 // We don't know what extensions Mozilla is advertising to our users and we // don't want to have some random Google Analytics script running either on the View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/d7fc2de… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/d7fc2de… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-115.3.1esr-13.0-1-build1
by Pier Angelo Vendrame (＠pierov) 04 Oct '23

04 Oct '23

Pier Angelo Vendrame pushed new tag mullvad-browser-115.3.1esr-13.0-1-build1 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.3.1esr-13.0-1] 18 commits: MB 38: Mullvad Browser configuration
by Pier Angelo Vendrame (＠pierov) 04 Oct '23

04 Oct '23

Pier Angelo Vendrame pushed to branch mullvad-browser-115.3.1esr-13.0-1 at The Tor Project / Applications / Mullvad Browser Commits: ece2b918 by Pier Angelo Vendrame at 2023-10-04T18:29:55+02:00 MB 38: Mullvad Browser configuration - - - - - a8b6ec40 by Pier Angelo Vendrame at 2023-10-04T18:37:05+02:00 MB 1: Mullvad Browser branding See also: mullvad-browser#5: Product name and directory customization mullvad-browser#12: Create new branding directories and integrate Mullvad icons+branding mullvad-browser#14: Remove Default Built-in bookmarks mullvad-browser#35: Add custom PDF icons for Windows builds mullvad-browser#48: Replace Mozilla copyright and legal trademarks in mullvadbrowser.exe metadata mullvad-browser#51: Update trademark string mullvad-browser#104: Update shipped dll metadata copyright/licensing info mullvad-browser#107: Add alpha and nightly icons - - - - - 47816936 by Pier Angelo Vendrame at 2023-10-04T18:37:05+02:00 MB 20: Allow packaged-addons in PBM. We install a few addons from the distribution directory, but they are not automatically enabled for PBM mode. This commit modifies the code that installs them to also add the PBM permission to the known ones. - - - - - 02b8a002 by Pier Angelo Vendrame at 2023-10-04T18:37:06+02:00 MB 63: Customize some about pages for Mullvad Browser Also: mullvad-browser#57: Purge unneeded about: pages - - - - - b5593094 by Pier Angelo Vendrame at 2023-10-04T18:37:06+02:00 MB 37: Customization for the about dialog - - - - - 3c1ba1d5 by Henry Wilkes at 2023-10-04T18:37:06+02:00 MB 39: Add home page about:mullvad-browser - - - - - 9a69e396 by hackademix at 2023-10-04T18:37:07+02:00 MB 97: Remove UI cues to install new extensions. - - - - - b7a6741f by hackademix at 2023-10-04T18:37:07+02:00 MB 47: uBlock Origin customization - - - - - bd869eed by Pier Angelo Vendrame at 2023-10-04T18:37:07+02:00 MB 21: Disable the password manager This commit disables the about:login page and removes the "Login and Password" section of about:preferences. We do not do anything to the real password manager of Firefox, that is in toolkit: it contains C++ parts that make it difficult to actually prevent it from being built.. Finally, we modify the the function that opens about:login to report an error in the console so that we can quickly get a backtrace to the code that tries to use it. - - - - - 239efafc by Pier Angelo Vendrame at 2023-10-04T18:37:08+02:00 MB 87: Disable the default browser box on Windows and Linux Windows and Linux will be distributed only as portable apps at the beginning, so they should not be settable as default browsers. We will need to improve the logic once we decide to ship system-wide installers, too. - - - - - f5c7dc56 by Pier Angelo Vendrame at 2023-10-04T18:37:08+02:00 MB 112: Updater customization for Mullvad Browser MB 71: Set the updater base URL to Mullvad domain - - - - - 88ff95e6 by Nicolas Vigier at 2023-10-04T18:37:08+02:00 MB 79: Add Mullvad Browser MAR signing keys - - - - - 1d8ded0d by Pier Angelo Vendrame at 2023-10-04T18:37:09+02:00 MB 34: Hide unsafe and unwanted preferences UI about:preferences allow to override some of our defaults, that could be fingeprintable or have some other unwanted consequences. - - - - - 4283a523 by Pier Angelo Vendrame at 2023-10-04T18:37:09+02:00 MB 160: Disable the cookie exceptions button Besides disabling the "Delete on close checkbox", disable also the "Manage Exceptions" button when always using PBM. - - - - - 08892ed4 by hackademix at 2023-10-04T18:37:09+02:00 MB 163: prevent uBlock Origin from being uninstalled/disabled - - - - - cbd8295f by Richard Pospesel at 2023-10-04T18:37:10+02:00 MB 188: Customize Gitlab Issue and Merge templates - - - - - 62457533 by rui hildt at 2023-10-04T18:37:10+02:00 MB 213: Customize the search engines list - - - - - ebc08997 by hackademix at 2023-10-04T18:37:10+02:00 MB 214: Enable cross-tab identity leak protection in "quiet" mode - - - - - 30 changed files: - + .gitlab/issue_templates/Rebase Browser - Alpha.md - + .gitlab/issue_templates/Rebase Browser - Stable.md - .gitlab/merge_request_templates/default.md - browser/app/Makefile.in - browser/app/macbuild/Contents/Info.plist.in - browser/app/module.ver - browser/app/firefox.exe.manifest → browser/app/mullvadbrowser.exe.manifest - + browser/app/profile/000-mullvad-browser.js - browser/app/profile/001-base-profile.js - browser/base/content/aboutDialog.xhtml - browser/base/content/appmenu-viewcache.inc.xhtml - browser/base/content/browser-menubar.inc - browser/base/content/browser.js - browser/base/content/default-bookmarks.html - browser/base/content/nsContextMenu.js - browser/base/content/overrides/app-license.html - browser/base/content/pageinfo/pageInfo.xhtml - browser/base/content/utilityOverlay.js - browser/branding/branding-common.mozbuild - + browser/branding/mb-alpha/VisualElements_150.png - + browser/branding/mb-alpha/VisualElements_70.png - + browser/branding/mb-alpha/configure.sh - + browser/branding/mb-alpha/content/about-logo.png - + browser/branding/mb-alpha/content/about-logo.svg - + browser/branding/mb-alpha/content/about-logo(a)2x.png - + browser/branding/mb-alpha/content/about-wordmark.svg - + browser/branding/mb-alpha/content/about.png - + browser/branding/mb-alpha/content/aboutDialog.css - + browser/branding/mb-alpha/content/firefox-wordmark.svg - + browser/branding/mb-alpha/content/icon128.png The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/75… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/75… You're receiving this email because of your account on gitlab.torproject.org.

1 0

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

tbb-commits October 2023