Project

General

Profile

Feature #17157

Feature #16356: Upgrade to Tor Browser 9.0 (based on Firefox 68)

Upgrade to Tor Browser 9.0a8

Added by intrigeri about 1 month ago. Updated about 1 month ago.

Status:
Resolved
Priority:
High
Assignee:
-
Category:
-
Target version:
Start date:
Due date:
% Done:

100%

Feature Branch:
feature/16356-tor-browser-9.0+force-all-tests
Type of work:
Code
Blueprint:
Starter:
Affected tool:
Browser

Related issues

Blocks Tails - Feature #16209: Core work: Foundations Team Confirmed

Associated revisions

Revision 788bd4ee (diff)
Added by intrigeri about 1 month ago

Upgrade Tor Browser to 9.0a8 (refs: #17157)

Revision 32a2cf0f (diff)
Added by intrigeri about 1 month ago

Hide all Tor connection-related settings in about:preferences in all browsers (refs: #17157)

This hides the UI introduced for
https://trac.torproject.org/projects/tor/ticket/31286:

- the "Tor" button in the left sidebar, which only points to UI that allows the
user to configure how little-t-tor connects to the Tor network: OnionGrater
blocks this so the information shown there is incorrect (when using
non-default configuration) and cannot be modified successfully;
- the same UI, when found via "Find in Preferences".

Note that we'll probably need to opt-in for userChrome.css and userContent.css
when we upgrade to a Tor Browser that's based on Firefox 69+:
https://www.ghacks.net/2019/05/24/firefox-69-userchrome-css-and-usercontent-css-disabled-by-default/

Revision 14319bf6 (diff)
Added by intrigeri about 1 month ago

Hide the new "New identity" toolbar button in all non-Tor browsers (refs: #17157)

Revision 418b804e (diff)
Added by intrigeri about 1 month ago

Test suite: drop the "Unsafe Browser has no proxy configured" step (refs: #17157)

Our firewall blocks access from the clearnet user to the loopback interface,
so proxies are not supposed to work. We validate this already with
a combination of two tests:

- "Scenario: The Unsafe Browser can load a web page" would fail
if a proxy was configured and the firewall is set up as intended.
- "Scenario: The Unsafe Browser cannot be configured to use Tor and other local
proxies" would fail if the firewall was not set up correctly.

So let's remove this extra test, which is hard to update since the UI it's
currently using was removed from Tor Browser 9.0a8's code base.

Revision 2ba835fb (diff)
Added by intrigeri about 1 month ago

Test suite: update Unsafe Browser proxy test for Tor Browser 9.0a8 (refs: #17157)

The UI this test used to rely on was removed from Tor Browser 9.0a8's
code base, so let's re-implement it via prefs.js.

And in passing, only test one Socksport (chosen randomly among those configured
in torrc): this should be sufficient to verify that our firewall does not allow
the clearnet user to connect to services listening on the loopback interface,
which is what this scenario is essentially about.

Revision 980e5f54
Added by anonym about 1 month ago

Merge remote-tracking branch 'origin/feature/16356-tor-browser-9.0+force-all-tests' into testing

Fix-committed: #17157

History

#1 Updated by intrigeri about 1 month ago

#2 Updated by intrigeri about 1 month ago

  • Status changed from Confirmed to In Progress

#3 Updated by intrigeri about 1 month ago

  • Feature Branch set to feature/16356-tor-browser-9.0+force-all-tests,

#4 Updated by intrigeri about 1 month ago

Full test suite passes except the Unsafe Browser proxy settings ones: looks like the changes brought for https://bugs.torproject.org/31286 in 9.0a7..9.0a8 change that UI. But it looks like the UI our test suite now finds is about how tor shall connect to the Internet, which is not what we want to test here (and in passing it says "Tor Browser". Presumably we should hide this new piece of UI in all our browsers and then find how we can update our Unsafe Browser tests.

#5 Updated by intrigeri about 1 month ago

In Tor Browser, about:preferences behaves in a weird way:

  • The "Tor" link in about:preferences, that points to about:preferences#tor, does not do anything; in a pristine Tor Browser, it points to the bridges & proxy prefs (imported from Tor Launcher) → I think we should hide it.
  • Searching for "proxy" shows some prefs (that I could not find by browsing the prefs) about proxy and allowed outgoing ports, i.e. bits that were imported from Tor Launcher and that are broken and useless in Tails: Onion Grater will prevent Tor Browser from retrieving and changing the tor configuration. Same when searching for "bridges". I think it's acceptable for 4.0 but I'll ask the Tor Browser team if they can give us a pref/envvar to fully hide all these prefs (even via "Find in Preferences").

The issue I've reported about Unsafe Browser above is exactly the same as this UX wise, but from the test suite PoV it's an entirely different matter: the Networking Settings in General preferences has been removed from the Tor Browser codebase so we can't use it anymore. I'll see what we can do about it; presumably we'll need to tweak proxy settings via about:config or directly in prefs.js.

#6 Updated by intrigeri about 1 month ago

On the topic branch, I've fixed all the regressions I had spotted. Let's see what CI thinks.

#7 Updated by intrigeri about 1 month ago

  • Feature Branch changed from feature/16356-tor-browser-9.0+force-all-tests, to feature/16356-tor-browser-9.0+force-all-tests

#8 Updated by intrigeri about 1 month ago

  • Status changed from In Progress to Needs Validation
  • Assignee deleted (intrigeri)

No related failure in a full test suite run locally.

#9 Updated by intrigeri about 1 month ago

Please merge into testing → devel.

#10 Updated by anonym about 1 month ago

  • Assignee set to anonym

#11 Updated by anonym about 1 month ago

  • Status changed from Needs Validation to 11
  • % Done changed from 0 to 100

#12 Updated by anonym about 1 month ago

  • Assignee deleted (anonym)

#13 Updated by intrigeri about 1 month ago

  • Status changed from 11 to Resolved

Also available in: Atom PDF