Set network.proxy.allow_hijacking_localhost to true

https://bugzilla.mozilla.org/1507110 disables proxying localhost even when network.proxy.no_proxies_on is empty. We now need to also set allow_hijacking_localhost=true in order to avoid websites being able to access local network.

added BugSmashFund TorBrowserTeam201909R actualpoints::0.05 component::applications/tor browser ff68-esr owner::tbb-team points::0.25 priority::high resolution::fixed severity::normal status::closed tbb-9.0-must-alpha type::defect labels

Adding Sponsor 44 to ESR68 tickets

Trac:
Sponsor: N/A to Sponsor44-can

Trac:
Keywords: N/A deleted, tbb-9.0-must-alpha added

Trac:
Points: N/A to 0.25

Patch in https://www.github.com/acatarineu/tor-browser/commit/31065

Trac:
Status: new to needs_review

Looks good. I cherry-picked the patch to tor-browser-68.1.0esr-9.0-2 (commit 5b5b014217a2df562ea4551ae68d0bc267cedf97).

FWIW: I was pondering removing the network.proxy.no_proxies_on now that it's by default set to "". However, I thought we might want to leave it in as a defense-in-depth.

Trac:
Resolution: N/A to fixed
Keywords: N/A deleted, TorBrowserTeam201909R added
Status: needs_review to closed

Trac:
Actualpoints: N/A to 0.05

BugSmashFund can be used for the ESR work done so far

Trac:
Keywords: N/A deleted, BugSmashFund added

Sponsor 44 only covered PM and Team Lead work

Trac:
Sponsor: Sponsor44-can to N/A

closed

changed time estimate to 2h

added 24m of time spent

mentioned in issue #32313 (moved)

moved to tpo/applications/tor-browser#31065 (closed)