Opened 7 years ago

Closed 5 years ago

#2871 closed defect (implemented)

Patches for Firefox/Tor Browser

Reported by: mikeperry Owned by: mikeperry
Priority: Medium Milestone:
Component: Firefox Patch Issues Version:
Severity: Keywords:
Cc: g.koppen@…, tagnaq@…, lunar@…, tom+tor-trac@… Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description (last modified by mikeperry)

We're going to need to create and maintain a series of patches for Firefox 4 for use in our Tor Browser Bundles. Hopefully this is a short-term thing, and we'll get most of these merged into upstream Firefox for FF5. It will probably be easier to track most of these in our own bug tracker for now. This is going to be the parent ticket for that.

Ticket Component Owner Summary Priority Points
#2872 Firefox Patch Issues mikeperry Limit the fonts available in TorBrowser High 8
#2875 Firefox Patch Issues mikeperry Spoof Desktop Resolution in TorBrowser High 6
#3229 Firefox Patch Issues mikeperry Make content pref service memory-only + clearable High 1
#3547 Firefox Patch Issues mikeperry Disable all plugins but flash High 2
#3666 Firefox Patch Issues mikeperry SafeCache key is only 32bit High 5
#3907 Firefox Patch Issues mikeperry Provide auth headers to on-modify-request High 2
#2873 Firefox Patch Issues mikeperry Block Components.lookupMethod in TorBrowser Medium 4
#3247 Firefox Patch Issues mikeperry Fix SOCKS Timeout Medium


Child Tickets

TicketStatusOwnerSummaryComponent
#2872closedmikeperryLimit the fonts available in TorBrowserFirefox Patch Issues
#2873closedmikeperryBlock Components.lookupMethod in TorBrowserFirefox Patch Issues
#2875closedmikeperrySpoof Desktop Resolution in TorBrowserFirefox Patch Issues
#3229closedmikeperryMake content pref service memory-only + clearableFirefox Patch Issues
#3247closedmikeperryFix SOCKS TimeoutFirefox Patch Issues
#3547closedmikeperryDisable all plugins but flashFirefox Patch Issues
#3666closedmikeperrySafeCache key is only 32bitFirefox Patch Issues
#3907closedmikeperryProvide auth headers to on-modify-requestFirefox Patch Issues

Change History (11)

comment:1 Changed 7 years ago by gk

Cc: g.koppen@… added

comment:2 Changed 7 years ago by tagnaq

Cc: tagnaq@… added

comment:3 Changed 7 years ago by mikeperry

Component: Tor bundles/installationTor Browser

comment:4 Changed 7 years ago by mikeperry

Description: modified (diff)
Type: enhancementdefect

comment:5 Changed 7 years ago by lunar

Cc: lunar@… added

comment:6 Changed 6 years ago by StrangeCharm

Cc: tom+tor-trac@… added

comment:7 Changed 6 years ago by mikeperry

Summary: Patches for Firefox 4/Tor BrowserPatches for Firefox/Tor Browser

comment:8 Changed 6 years ago by cypherpunks

Under what circumstances is a bug marked as "fixed"/"closed" in this list? Is the ultimate aim still to get (as many as possible of) these patches accepted in Firefox upstream? If so, is the upstream acceptance status of individual patches being tracked anywhere?

comment:9 in reply to:  8 ; Changed 6 years ago by mikeperry

Replying to cypherpunks:

Under what circumstances is a bug marked as "fixed"/"closed" in this list? Is the ultimate aim still to get (as many as possible of) these patches accepted in Firefox upstream? If so, is the upstream acceptance status of individual patches being tracked anywhere?

Dearest cypherpunks,

We're functioning as a prototype for privacy by design in private browsing modes. I have no spare time to deal with shepherding patches upstream. I am the only browser engineer we have, and I am still working on ensuring our prototype meets its design requirements: https://www.torproject.org/projects/torbrowser/design/#DesignRequirements

We maintain a canonical list of our Firefox patches at https://www.torproject.org/projects/torbrowser/design/#firefox-patches.

Either Mozilla decides they like our ideas, or they don't.

comment:10 in reply to:  9 Changed 6 years ago by gk

Either Mozilla decides they like our ideas, or they don't.

Sure. The thing is someone has to open bugs in Mozillas Bugzilla and propose a patch in order to get Mozilla and the responsible devs aware of your work. I got e.g. the HTTP-Auth patch included into Mozilla (see: https://bugzilla.mozilla.org/show_bug.cgi?id=696662) and TBB based on FF 12 does not need it anymore. But maybe for the other patches to get accepted we should have a more general strategy including e.g. some kind of preference the "normal" Firefox user may toggle to get a particular feature activated. Maybe there are some folks who do not want a memory only permissions manager or that want to get their SSL session id cached.

comment:11 Changed 5 years ago by mikeperry

Resolution: implemented
Status: newclosed
Note: See TracTickets for help on using tickets.