Pier Angelo Vendrame pushed to branch mullvad-browser-128.0esr-14.0-2 at The Tor Project / Applications / Mullvad Browser

Commits: f0717dcb by Beatriz Rizental at 2024-07-29T17:00:34+02:00 fixup! Add CI for Base Browser

- - - - - 9448012d by Pier Angelo Vendrame at 2024-07-30T09:06:25+02:00 fixup! Firefox preference overrides.

Bug 42872: Disable translations.

Currently, the UX is kinda bad in Tor Browser (RFP might be a reason). Also, we should audit it first, to make sure it is not a fingerprinting concern (or if it is, we should make sure it is an acceptable one).

- - - - - b94825b7 by Beatriz Rizental at 2024-07-30T12:25:35+02:00 Revert "Bug 42725: Fix upstream lint issues"

This reverts commit 0c49b3f6b7101e95e33f697234648eeaef070a46.

- - - - -

5 changed files:

- .gitlab/ci/lint.yml - browser/app/profile/001-base-profile.js - dom/base/nsGlobalWindowOuter.cpp - dom/security/nsContentSecurityUtils.cpp - modules/libpref/Preferences.cpp

Changes:

===================================== .gitlab/ci/lint.yml ===================================== @@ -39,9 +39,8 @@ eslint: # The plugin implementing custom checks. - 'tools/lint/eslint/eslint-plugin-mozilla/**' - 'tools/lint/eslint/eslint-plugin-spidermonkey-js/**' - # Run job whenever a new tag is created - # or whenever a commit is merged to a protected branch - - if: $CI_COMMIT_TAG || $CI_COMMIT_REF_PROTECTED == 'true' + # Run job whenever a commit is merged to a protected branch + - if: $CI_COMMIT_REF_PROTECTED == 'true'

stylelint: extends: .base @@ -59,9 +58,8 @@ stylelint: # Run when stylelint policies change. - '**/.stylelintignore' - '**/*stylelintrc*' - # Run job whenever a new tag is created - # or whenever a commit is merged to a protected branch - - if: $CI_COMMIT_TAG || $CI_COMMIT_REF_PROTECTED == 'true' + # Run job whenever a commit is merged to a protected branch + - if: $CI_COMMIT_REF_PROTECTED == 'true'

py-black: extends: .base @@ -80,9 +78,8 @@ py-black: - '**/*.mozbuild' - 'pyproject.toml' - 'tools/lint/black.yml' - # Run job whenever a new tag is created - # or whenever a commit is merged to a protected branch - - if: $CI_COMMIT_TAG || $CI_COMMIT_REF_PROTECTED == 'true' + # Run job whenever a commit is merged to a protected branch + - if: $CI_COMMIT_REF_PROTECTED == 'true'

py-ruff: extends: .base @@ -101,9 +98,8 @@ py-ruff: - 'tools/lint/ruff.yml' - 'tools/lint/python/ruff.py' - 'tools/lint/python/ruff_requirements.txt' - # Run job whenever a new tag is created - # or whenever a commit is merged to a protected branch - - if: $CI_COMMIT_TAG || $CI_COMMIT_REF_PROTECTED == 'true' + # Run job whenever a commit is merged to a protected branch + - if: $CI_COMMIT_REF_PROTECTED == 'true'

yaml: extends: .base @@ -118,9 +114,8 @@ yaml: - '**/*.yml' - '**/*.yaml' - '**/.ymllint' - # Run job whenever a new tag is created - # or whenever a commit is merged to a protected branch - - if: $CI_COMMIT_TAG || $CI_COMMIT_REF_PROTECTED == 'true' + # Run job whenever a commit is merged to a protected branch + - if: $CI_COMMIT_REF_PROTECTED == 'true'

shellcheck: extends: .base @@ -134,9 +129,8 @@ shellcheck: # - '**/*.sh' - 'tools/lint/shellcheck.yml' - # Run job whenever a new tag is created - # or whenever a commit is merged to a protected branch - - if: $CI_COMMIT_TAG || $CI_COMMIT_REF_PROTECTED == 'true' + # Run job whenever a commit is merged to a protected branch + - if: $CI_COMMIT_REF_PROTECTED == 'true'

clang-format: extends: .base @@ -156,9 +150,8 @@ clang-format: - '**/*.m' - '**/*.mm' - 'tools/lint/clang-format.yml' - # Run job whenever a new tag is created - # or whenever a commit is merged to a protected branch - - if: $CI_COMMIT_TAG || $CI_COMMIT_REF_PROTECTED == 'true' + # Run job whenever a commit is merged to a protected branch + - if: $CI_COMMIT_REF_PROTECTED == 'true'

rustfmt: extends: .base @@ -172,9 +165,8 @@ rustfmt: # - '**/*.rs' - 'tools/lint/rustfmt.yml' - # Run job whenever a new tag is created - # or whenever a commit is merged to a protected branch - - if: $CI_COMMIT_TAG || $CI_COMMIT_REF_PROTECTED == 'true' + # Run job whenever a commit is merged to a protected branch + - if: $CI_COMMIT_REF_PROTECTED == 'true'

fluent-lint: extends: .base @@ -189,9 +181,8 @@ fluent-lint: - '**/*.ftl' - 'tools/lint/fluent-lint.yml' - 'tools/lint/fluent-lint/exclusions.yml' - # Run job whenever a new tag is created - # or whenever a commit is merged to a protected branch - - if: $CI_COMMIT_TAG || $CI_COMMIT_REF_PROTECTED == 'true' + # Run job whenever a commit is merged to a protected branch + - if: $CI_COMMIT_REF_PROTECTED == 'true'

localization: extends: .base @@ -208,9 +199,8 @@ localization: - 'third_party/python/compare-locales/**' - 'third_party/python/fluent/**' - 'tools/lint/l10n.yml' - # Run job whenever a new tag is created - # or whenever a commit is merged to a protected branch - - if: $CI_COMMIT_TAG || $CI_COMMIT_REF_PROTECTED == 'true' + # Run job whenever a commit is merged to a protected branch + - if: $CI_COMMIT_REF_PROTECTED == 'true'

mingw-capitalization: extends: .base @@ -227,9 +217,8 @@ mingw-capitalization: - '**/*.c' - '**/*.h' - 'tools/lint/mingw-capitalization.yml' - # Run job whenever a new tag is created - # or whenever a commit is merged to a protected branch - - if: $CI_COMMIT_TAG || $CI_COMMIT_REF_PROTECTED == 'true' + # Run job whenever a commit is merged to a protected branch + - if: $CI_COMMIT_REF_PROTECTED == 'true'

mscom-init: extends: .base @@ -246,9 +235,8 @@ mscom-init: - '**/*.c' - '**/*.h' - 'tools/lint/mscom-init.yml' - # Run job whenever a new tag is created - # or whenever a commit is merged to a protected branch - - if: $CI_COMMIT_TAG || $CI_COMMIT_REF_PROTECTED == 'true' + # Run job whenever a commit is merged to a protected branch + - if: $CI_COMMIT_REF_PROTECTED == 'true'

file-whitespace: extends: .base @@ -277,9 +265,8 @@ file-whitespace: - '**/*.webidl' - '**/*.xhtml' - 'tools/lint/file-whitespace.yml' - # Run job whenever a new tag is created - # or whenever a commit is merged to a protected branch - - if: $CI_COMMIT_TAG || $CI_COMMIT_REF_PROTECTED == 'true' + # Run job whenever a commit is merged to a protected branch + - if: $CI_COMMIT_REF_PROTECTED == 'true'

test-manifest: extends: .base @@ -294,9 +281,8 @@ test-manifest: - '**/*.ini' - 'python/mozlint/**' - 'tools/lint/**' - # Run job whenever a new tag is created - # or whenever a commit is merged to a protected branch - - if: $CI_COMMIT_TAG || $CI_COMMIT_REF_PROTECTED == 'true' + # Run job whenever a commit is merged to a protected branch + - if: $CI_COMMIT_REF_PROTECTED == 'true'

trojan-source: extends: .base @@ -315,6 +301,5 @@ trojan-source: - '**/*.py' - '**/*.rs' - 'tools/lint/trojan-source.yml' - # Run job whenever a new tag is created - # or whenever a commit is merged to a protected branch - - if: $CI_COMMIT_TAG || $CI_COMMIT_REF_PROTECTED == 'true' + # Run job whenever a commit is merged to a protected branch + - if: $CI_COMMIT_REF_PROTECTED == 'true'

===================================== browser/app/profile/001-base-profile.js ===================================== @@ -259,6 +259,11 @@ pref("browser.newtabpage.activity-stream.asrouter.providers.messaging-experiment // Disable fetching asrouter.ftl and related console errors (tor-browser#40763). pref("browser.newtabpage.activity-stream.asrouter.useRemoteL10n", false);

+// tor-browser#42872, #42555: Disable translations. +// Translation have a bad UX in 128 (and with our config). Maybe we will +// re-enable after auditing and fixing the UX. +pref("browser.translations.enable", false); + // tor-browser#41945 - disable automatic cookie banners dismissal until // we're sure it does not causes fingerprinting risks or other issues. pref("cookiebanners.service.mode", 0);

===================================== dom/base/nsGlobalWindowOuter.cpp ===================================== @@ -7296,7 +7296,7 @@ void nsGlobalWindowOuter::InitWasOffline() { mWasOffline = NS_IsOffline(); }

#if defined(_WINDOWS_) && !defined(MOZ_WRAPPED_WINDOWS_H) # pragma message( \ - "wrapper failure reason: " MOZ_WINDOWS_WRAPPER_DISABLED_REASON) + "wrapper failure reason: " MOZ_WINDOWS_WRAPPER_DISABLED_REASON) # error "Never include unwrapped windows.h in this file!" #endif

===================================== dom/security/nsContentSecurityUtils.cpp ===================================== @@ -1332,20 +1332,20 @@ void nsContentSecurityUtils::AssertAboutPageHasCSP(Document* aDocument) { // This allowlist contains about: pages that are permanently allowed to // render without a CSP applied. static nsLiteralCString sAllowedAboutPagesWithNoCSP[] = { - // about:blank is a special about page -> no CSP - "about:blank"_ns, - // about:srcdoc is a special about page -> no CSP - "about:srcdoc"_ns, - // about:sync-log displays plain text only -> no CSP - "about:sync-log"_ns, - // about:logo just displays the firefox logo -> no CSP - "about:logo"_ns, - // about:sync is a special mozilla-signed developer addon with low usage - // -> - // no CSP - "about:sync"_ns, + // about:blank is a special about page -> no CSP + "about:blank"_ns, + // about:srcdoc is a special about page -> no CSP + "about:srcdoc"_ns, + // about:sync-log displays plain text only -> no CSP + "about:sync-log"_ns, + // about:logo just displays the firefox logo -> no CSP + "about:logo"_ns, + // about:sync is a special mozilla-signed developer addon with low usage + // -> + // no CSP + "about:sync"_ns, # if defined(ANDROID) - "about:config"_ns, + "about:config"_ns, # endif };

===================================== modules/libpref/Preferences.cpp ===================================== @@ -6100,8 +6100,7 @@ void UnloadPrefsModule() { Preferences::Shutdown(); }

// Preference Sanitization Related Code ---------------------------------------

-#define PREF_LIST_ENTRY(s) \ - { s, (sizeof(s) / sizeof(char)) - 1 } +#define PREF_LIST_ENTRY(s) {s, (sizeof(s) / sizeof(char)) - 1} struct PrefListEntry { const char* mPrefBranch; size_t mLen;

View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/d7c...