Opened 6 years ago

Closed 4 years ago

#2871 closed defect (implemented)

Patches for Firefox/Tor Browser

Reported by: mikeperry Owned by: mikeperry
Priority: Medium Milestone:
Component: Firefox Patch Issues Version:
Severity: Keywords:
Cc: g.koppen@…, tagnaq@…, lunar@…, tom+tor-trac@… Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description (last modified by mikeperry)

We're going to need to create and maintain a series of patches for Firefox 4 for use in our Tor Browser Bundles. Hopefully this is a short-term thing, and we'll get most of these merged into upstream Firefox for FF5. It will probably be easier to track most of these in our own bug tracker for now. This is going to be the parent ticket for that.

Ticket Component Owner Summary Priority Points
#2872 Firefox Patch Issues mikeperry Limit the fonts available in TorBrowser High 8
#2875 Firefox Patch Issues mikeperry Spoof Desktop Resolution in TorBrowser High 6
#3229 Firefox Patch Issues mikeperry Make content pref service memory-only + clearable High 1
#3547 Firefox Patch Issues mikeperry Disable all plugins but flash High 2
#3666 Firefox Patch Issues mikeperry SafeCache key is only 32bit High 5
#3907 Firefox Patch Issues mikeperry Provide auth headers to on-modify-request High 2
#2873 Firefox Patch Issues mikeperry Block Components.lookupMethod in TorBrowser Medium 4
#3247 Firefox Patch Issues mikeperry Fix SOCKS Timeout Medium


Child Tickets

TicketSummaryOwner
#2872Limit the fonts available in TorBrowsermikeperry
#2873Block Components.lookupMethod in TorBrowsermikeperry
#2875Spoof Desktop Resolution in TorBrowsermikeperry
#3229Make content pref service memory-only + clearablemikeperry
#3247Fix SOCKS Timeoutmikeperry
#3547Disable all plugins but flashmikeperry
#3666SafeCache key is only 32bitmikeperry
#3907Provide auth headers to on-modify-requestmikeperry

Change History (11)

comment:1 Changed 6 years ago by gk

  • Cc g.koppen@… added

comment:2 Changed 6 years ago by tagnaq

  • Cc tagnaq@… added

comment:3 Changed 6 years ago by mikeperry

  • Component changed from Tor bundles/installation to Tor Browser

comment:4 Changed 6 years ago by mikeperry

  • Description modified (diff)
  • Type changed from enhancement to defect

comment:5 Changed 6 years ago by lunar

  • Cc lunar@… added

comment:6 Changed 6 years ago by StrangeCharm

  • Cc tom+tor-trac@… added

comment:7 Changed 6 years ago by mikeperry

  • Summary changed from Patches for Firefox 4/Tor Browser to Patches for Firefox/Tor Browser

comment:8 follow-up: Changed 5 years ago by cypherpunks

Under what circumstances is a bug marked as "fixed"/"closed" in this list? Is the ultimate aim still to get (as many as possible of) these patches accepted in Firefox upstream? If so, is the upstream acceptance status of individual patches being tracked anywhere?

comment:9 in reply to: ↑ 8 ; follow-up: Changed 5 years ago by mikeperry

Replying to cypherpunks:

Under what circumstances is a bug marked as "fixed"/"closed" in this list? Is the ultimate aim still to get (as many as possible of) these patches accepted in Firefox upstream? If so, is the upstream acceptance status of individual patches being tracked anywhere?

Dearest cypherpunks,

We're functioning as a prototype for privacy by design in private browsing modes. I have no spare time to deal with shepherding patches upstream. I am the only browser engineer we have, and I am still working on ensuring our prototype meets its design requirements: https://www.torproject.org/projects/torbrowser/design/#DesignRequirements

We maintain a canonical list of our Firefox patches at https://www.torproject.org/projects/torbrowser/design/#firefox-patches.

Either Mozilla decides they like our ideas, or they don't.

comment:10 in reply to: ↑ 9 Changed 5 years ago by gk

Either Mozilla decides they like our ideas, or they don't.

Sure. The thing is someone has to open bugs in Mozillas Bugzilla and propose a patch in order to get Mozilla and the responsible devs aware of your work. I got e.g. the HTTP-Auth patch included into Mozilla (see: https://bugzilla.mozilla.org/show_bug.cgi?id=696662) and TBB based on FF 12 does not need it anymore. But maybe for the other patches to get accepted we should have a more general strategy including e.g. some kind of preference the "normal" Firefox user may toggle to get a particular feature activated. Maybe there are some folks who do not want a memory only permissions manager or that want to get their SSL session id cached.

comment:11 Changed 4 years ago by mikeperry

  • Resolution set to implemented
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.