Skip to content
Permalink
Branch: 23745
Commits on Oct 17, 2017
  1. squash! TB4: Tor Browser's Firefox preference overrides.

    arthuredelstein committed Oct 17, 2017
    Bug 23745: Set dom.indexedDB.enabled = true
Commits on Oct 5, 2017
  1. Revert "bug 23104 - Add a default line height compensation"

    Georg Koppen
    Georg Koppen committed Oct 5, 2017
    This reverts commit 722fd29.
    
    Backing out due to #23701: We should make sure this defense only applies
    to content and not the browser chrome.
Commits on Oct 4, 2017
  1. Bug 13398: at startup, browser gleans user FULL NAME (real name, give…

    pospeselr authored and Georg Koppen committed Sep 29, 2017
    …n name) from O/S
    
    ifdef'd out offending code in each platform based on existance of
    TOR_BROWSER_VERSION and return empty string instead.
Commits on Sep 28, 2017
  1. fixup! TB4: Tor Browser's Firefox preference overrides.

    Georg Koppen
    Georg Koppen committed Sep 28, 2017
Commits on Sep 22, 2017
  1. fixup! Bug 16010: Fixing sandbox compile issues

    Georg Koppen
    Georg Koppen committed Sep 22, 2017
  2. Bug 366945 - Disable middlemouse.contentLoadURL by default on UNIX an…

    vladimiroff authored and Georg Koppen committed Sep 5, 2017
    …d Android, r=gijs
    
    MozReview-Commit-ID: FXniFjoU9RJ
    
    --HG--
    extra : rebase_source : 6fb36272b7779c52854e7e952725e528b7c9346a
  3. bug 23104 - Add a default line height compensation

    igt0 Georg Koppen
    igt0 authored and Georg Koppen committed Sep 16, 2017
    Many fonts have issues with their vertical metrics. they
    are used to influence the height of ascenders and depth
    of descenders. Gecko uses it to calculate the line height
    (font height + ascender + descender), however because of
    that idiosyncratic behavior across multiple operating
    systems, it can be used to identify the user's OS.
    
    The solution proposed in the patch uses a default factor
    to be multiplied with the font size, simulating the concept
    of ascender and descender. This way all operating
    systems will have the same line height.
  4. We don't take the SANDBOX_EXPORTS path and fix compile issues along o…

    Georg Koppen
    Georg Koppen committed Sep 18, 2017
    …ur way
  5. Bug 16010: Fixing sandbox compile issues

    Georg Koppen
    Georg Koppen committed Aug 11, 2017
  6. Bug 1386279 - Renovate Linux sandbox file broker handling of access()…

    jld authored and Georg Koppen committed Aug 9, 2017
    …. r=gcp
    
    1. X_OK is now allowed, and is limited only by the MAY_ACCESS permission.
    
    2. The actual access() syscall is now used, if access is granted by the
    broker policy.  This fixed bug 1382246, which explains the background.
    
    MozReview-Commit-ID: 926429PlBnL
    
    --HG--
    extra : rebase_source : 6ae54c4c25e1389fa3af75b0bdf727323448294a
  7. Bug 1374281. r=jld

    gcp authored and Georg Koppen committed Jun 19, 2017
    MozReview-Commit-ID: Ko5m5i4Wkd6
    
    --HG--
    extra : rebase_source : 3076315ef3639a89f752addbb01d5d08a9c2db75
  8. Bug 1344106 - Remove Linux todos() now that Linux sandboxing is ridin…

    Haik Aftandilian Georg Koppen
    Haik Aftandilian authored and Georg Koppen committed Mar 3, 2017
    …g the trains. r=haik
    
    MozReview-Commit-ID: 9tI2S6fEYkD
    
    --HG--
    extra : rebase_source : 0a5d00f8498861e7ea281e527b2be6b2c4e472d6
  9. Bug 1317802 - don't stop for SIGSYS in .gdbinit; r=jld

    froydnj authored and Georg Koppen committed Nov 16, 2016
    The sandboxing code generates this signal nowadays, which makes
    debugging with tools like rr quite frustrating.
    
    DONTBUILD because NPOTB
  10. Bug 1337162 - Enable the Linux content sandbox for non-Nightly builds…

    gcp authored and Georg Koppen committed Feb 27, 2017
    …. r=ted
    
    MozReview-Commit-ID: 65aPquHzyfP
    
    --HG--
    extra : rebase_source : 017080e3ae33289bb0b6a790027f9d02c380d47b
  11. Bug 1355274 - Polyfill SOCK_DGRAM socketpairs with SOCK_SEQPACKET, fo…

    jld authored and Georg Koppen committed Apr 12, 2017
    …r libasyncns. r=gcp
    
    MozReview-Commit-ID: 2DeklSGsjUV
    
    --HG--
    extra : rebase_source : 8a202c23dc9a3ddede49b08ce1e0792dfb40bdbf
  12. Bug 1361238 - Re-allow accept4, used by accessibility. r=gcp

    jld authored and Georg Koppen committed May 2, 2017
    MozReview-Commit-ID: 3M3T3bkx4nP
    
    --HG--
    extra : rebase_source : b67332889615ae34cc67737da361f21ae545aeb4
  13. Bug 1358647 - Disallow bind/listen/accept for Linux content processes…

    jld authored and Georg Koppen committed Apr 26, 2017
    …. r=gcp
    
    MozReview-Commit-ID: Cz9MKxOJnsS
    
    --HG--
    extra : rebase_source : d3ab7ff9020066d5fe9ac3121c88c85b9fde6224
  14. Bug 1286865 - Step 0: Turn off crash-on-seccomp-fail by default on no…

    jld authored and Georg Koppen committed Jan 27, 2017
    …n-nightly. r=gcp
    
    MozReview-Commit-ID: 1It6HNizbAc
    
    --HG--
    extra : rebase_source : 1e96f11904abf2c38c5b4e50de7609ddc86cdd8a
  15. Bug 1320085 - Allow the getrlimit-equivalent subset of prlimit64. r=tedd

    jld authored and Georg Koppen committed Nov 28, 2016
    This applies only to content processes, where we already allow getrlimit
    (but not setrlimit).  The rule added here does not allow using prlimit64
    to set any resource limits or interact with any other process.
    
    MozReview-Commit-ID: nMry3t6QPj
    
    --HG--
    extra : rebase_source : ecf792077a672ab1f2c5edf9fbeb915a0d8dd30e
  16. Bug 18101: Suppress upload file dialog proxy bypass (linux)

    arthuredelstein authored and Georg Koppen committed Sep 20, 2017
  17. Bug 1365047 Turn on the Windows DLL Blocklist in MinGW r=aklotz

    Tom Ritter Georg Koppen
    Tom Ritter authored and Georg Koppen committed May 15, 2017
    MozReview-Commit-ID: 3hF7iOdH89P
    
    --HG--
    extra : rebase_source : 95614960544ae55b983dbbd40e1036ff236204b3
  18. Bug 1368406 Use non-Windows Printf Format Specifiers in MinGW r=froydnj

    Tom Ritter Georg Koppen
    Tom Ritter authored and Georg Koppen committed May 29, 2017
    MinGW applies the gnu_printf format attribute, which expects
    non-Windows format specifiers. These macros were not designed
    to handle MinGW.
    
    MozReview-Commit-ID: HuJrK43Bg1A
    
    --HG--
    extra : rebase_source : 6ccc1b2f4ab0e71584f442e86d94322e2c6382fb
  19. Bug 23230: Fix build error on Windows 64

    boklm authored and Georg Koppen committed Aug 12, 2017
    Fix the following build error we have when building for Windows 64:
    /var/tmp/build/firefox-af0ca6a886c7/media/libcubeb/src/cubeb_wasapi.cpp:1596:46:
      error: cast from cubeb_devid {aka void*} to int loses precision
     [-fpermissive]
    
    We fix that by using %p instead of %x to remove the need for a cast.
  20. Revert "Bug 19273: Avoid JavaScript patching of the external app help…

    Kathy Brade Georg Koppen
    Kathy Brade authored and Georg Koppen committed Jul 18, 2017
    …er dialog."
    
    This reverts commit 648d842.
  21. Bug 21830: Copying large text from web console leaks to /tmp

    Georg Koppen
    Georg Koppen committed Aug 4, 2017
    Patch written by Neill Miller
  22. Bug 21321: Add test for .onion whitelisting

    Georg Koppen
    Georg Koppen committed Jul 24, 2017
  23. Bug 21321: .onion domains are shown as non-secure

    Georg Koppen
    Georg Koppen committed Aug 3, 2017
    Websites which collect passwords but don't use HTTPS start showing scary
    warnings from Firefox 51 onwards (see:
    blog.mozilla.org/security/2017/01/20/communicating-the-dangers-of-non-secure-http/
    for details).
    
    .onion sites without HTTPS support are affected as well, although their
    traffic is encrypted and authenticated. This patch addresses this
    shortcoming by making sure .onion sites are treated as potentially
    trustworthy origins.
    
    The secure context specification
    (https://w3c.github.io/webappsec-secure-contexts/) is pretty much focused
    on tying security and trustworthiness to the protocol over which domains
    are accessed. However, it is not obvious why .onion sites should not be
    treated as potentially trustworthy given:
    
    "A potentially trustworthy origin is one which a user agent can
    generally trust as delivering data securely.
    
    This algorithms [sic] considers certain hosts, scheme, and origins as
    potentially trustworthy, even though they might not be authenticated and
    encrypted in the traditional sense."
    (https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy)
    
    We use step 8 in the algorithm to establish trustworthiness of .onion
    sites by whitelisting them given the encrypted and authenticated nature
    of their traffic.
  24. Revert "Getting Tor Browser to build with accessibility enabled on Wi…

    arthuredelstein authored and Georg Koppen committed Jul 12, 2017
    …ndows"
    
    This reverts commit d890171,
    because we have updated mingw-w64 to
    1259532ff8f5a7ac625b2f28d499ee93a0c0841e
  25. Bug 23044: Don't allow GIO supported protocols by default

    Georg Koppen
    Georg Koppen committed Jul 27, 2017
  26. Bug 16485: Improve about:cache page

    Georg Koppen
    Georg Koppen committed May 31, 2017
    Loading `about:cache` and selecting particular caches via the checkboxes
    results in a cryptic error ("Unrecognized storage name 'null' in
    about:cache URL) when updating the page. We avoid that by making sure
    the storage parameter is in fact empty if it is supposed to be `null`.
  27. Bug 21862: Rip out potentially unsafe rust code

    Georg Koppen
    Georg Koppen committed May 24, 2017
    Just ripping out the problematic code leads to compile errors
    complaining about modified third party code. That's fine for now,
    though we need to think harder about this issue once we start building
    with Rust being mandatory.
  28. Bug 1329521 - GetLoadContextInfo() should not compare originAttribute…

    bakulf authored and Georg Koppen committed Jan 13, 2017
    …s and privateBrowsing boolean when docShell is chrome type, r=smaug
    
    Backported to ESR52: https://bugs.torproject.org/22462
Older
You can’t perform that action at this time.