Security/Tor Uplift/Tracking


Tor Uplift

The goal is to uplift all of the Tor Browser patches to mainline Firefox. The general approach is to add preferences for anything that breaks the web and set them to default "off" so that the behavior of default Firefox does not change. All bugs are tagged with [tor]. The Tor Browser design document is here.

Active Bugs

Bugs which are assigned and being worked on.

Full Query
| ID | Whiteboard | Summary | Status | Resolution | Priority | Assigned to |
| --- | --- | --- | --- | --- | --- | --- |
| 1429838 | [tor 27604] | After restoring profile to a different location, paths in extensions.json are incorrect | ASSIGNED | | P2 | Alex Catarineu (Tor Browser dev) |
| 444222 | [tor][tor-standalone][tor 16620][domsecurity-backlog1] | window.name can be used as an XSS attack vector | ASSIGNED | | P2 | Andrea Marchesini [:baku] |
| 1302566 | [tor][domsecurity-backlog1][OA] | remove the IsInPrivateBrowsing mode from shared workers and use origin attributes instead. | REOPENED | | P3 | Andrea Marchesini [:baku] |
| 1433030 | [tor 21830] | Copying large text from web console leaks to /tmp | REOPENED | | P2 | Arthur Edelstein [:arthur] |
| 1213698 | [tor][tor-standalone] | error: undefined reference to 'dlsym' if building with ASan and GCC (Tor 17509) | REOPENED | | P3 | Georg Koppen |
| 1611534 | [tor 33155] | Cross-origin information leakage via cross-origin window frame count | ASSIGNED | | P5 | sanketh |
| 1314443 | [tor][fingerprinting][tor-mobile][fp-triaged] | Audit the existing disable WebRTC preferences and ensure they work as advertised | ASSIGNED | | P3 | Tom Ritter [:tjr] (ni for response to sec-[approval\|rating\|advisories\|cve]) |
| 1461454 | [tor 13543][fingerprinting][fp-triaged] | Support Resist Fingerprinting in canPlayType and Media Capabilities APIs | ASSIGNED | | P2 | Tom Ritter [:tjr] (ni for response to sec-[approval\|rating\|advisories\|cve]) |

8 Total; 8 Open (100%); 0 Resolved (0%); 0 Verified (0%);


Assigned, but not started

These bugs have an owner, but their status is 'NEW' indicating that they are not being worked on yet.

Full Query
| ID | Whiteboard | Summary | Status | Resolution | Priority | Assigned to |
| --- | --- | --- | --- | --- | --- | --- |
| 1444062 | [tor 21321] | Adapt browser_insecureLoginForms.js to take into account that .onion domains might be secure | NEW | | P4 | Georg Koppen |
| 1538130 | [fingerprinting][tor] | privacy.resistFingerprinting should not create windows with rounded dimensions when letterboxing is enabled | NEW | | P5 | Kestrel |
| 1358149 | [tor 13017][fingerprinting][fp-triaged] | Address fingerprinting using AudioContext | NEW | | P2 | Paul Adenot (:padenot) |
| 1339100 | [tor 21445], investigation, triaged | Firefox does not open correctly from read-only filesystem (FileUtils.getFile() failure when checking for bundled blocklist) | NEW | | P3 | Robert Helmer [:rhelmer] |
| 1594455 | [tor 32220] | Change the letterboxing background to match the theme, and reposition the content | NEW | | P3 | Richard Pospesel (Tor Browser Dev) |
| 1601040 | [tor 32325][fingerprinting] | Add UI for modifying resistFingerprinting prefs when privacy.resistFingerprinting is enabled | NEW | | -- | Richard Pospesel (Tor Browser Dev) |
| 1414311 | [fingerprinting][fp-triaged][tor 30625] | New window size is different than expected after changing screen dpi (with privacy.resistFingerprinting pref enabled) | NEW | | P2 | Tim Huang[:timhuang] |
| 1436226 | [tor 22548] [fingerprinting][fp-triaged] | Hardcode VP8/VP9 algorithm choice when resisting fingerprinting | NEW | | P2 | Tim Huang[:timhuang] |
| 1475973 | [tor][fingerprinting][fp-triaged] | browser/components/resistfingerprinting/test/browser/browser_roundedWindow_open_* and browser/components/resistfingerprinting/test/browser/browser_roundedWindow_windowSetting_* fail on Windows install with 150% dpi | NEW | | P3 | Tim Huang[:timhuang] |
| 1485249 | [tor 6370][gfx-noted][fingerprinting][fp-triaged] | WebGL extensions should be disabled when private.resistFingerprinting is enabled | NEW | | P2 | Tim Huang[:timhuang] |
| 1519122 | [tor][fingerprinting] | In RFP Mode, spoof the modifier state "Meta" in OSX into a "Ctrl" state in keyboard events. | NEW | | P2 | Tim Huang[:timhuang] |
| 1338006 | [OA][tor] | Perform OriginAttributes Review of WebRTC | NEW | | P3 | Tom Ritter [:tjr] (ni for response to sec-[approval\|rating\|advisories\|cve]) |
| 1393901 | [tor] | --enable-webrtc does not build under MinGW | NEW | | P5 | Tom Ritter [:tjr] (ni for response to sec-[approval\|rating\|advisories\|cve]) |
| 1612422 | [tor] | Create a MinGW reproducible build job | NEW | | -- | Tom Ritter [:tjr] (ni for response to sec-[approval\|rating\|advisories\|cve]) |

14 Total; 14 Open (100%); 0 Resolved (0%); 0 Verified (0%);


Backlog (all unowned)

Bugs looking for an owner.
<disabled-bugzilla>

 {
    "include_fields": "id, whiteboard, summary, status, resolution, priority, assigned_to",
   "f1":"status_whiteboard",
   "f2":"status_whiteboard",
   "query_format":"advanced",
   "o1":"substring",
   "v1":"[TOR]",
   "o2":"notsubstring",
   "v2":"[OA-testing]",
   "order": "bug_id",
   "status":["__open__"],
   "assigned_to":"nobody@mozilla.org",
   "keywords_type":"nowords",
   "keywords":"meta"
 }

</disabled-bugzilla>


Testing Bugs

Origin Testing bugs are tagged with [tor-testing]

Full Query
| ID | Whiteboard | Summary | Status | Resolution | Priority | Assigned to |
| --- | --- | --- | --- | --- | --- | --- |
| 1264152 | btpp-active[OA-testing][tor-testing][domsecurity-backlog1] | Create a tag for OriginAttribute mochitests | NEW | | P3 | |
| 1314449 | [necko-would-take][tor-testing][meta] | Create testing framework for proxy-bypass tests for Firefox | NEW | | P5 | |
| 1314793 | [tor-mobile][tor-testing] | Creating Testing Framework for Proxy Bypasses for Fennec | NEW | | P5 | |
| 1337868 | [OA-testing][tor-testing][domsecurity-backlog1] | Add Origin Attribute connection isolation tests for HTTP2, TLS, and WebSockets | NEW | | P3 | |
| 1365623 | [necko-would-take][tor-testing] | Create a proxy bypass test for SourceMap | NEW | | P5 | |

5 Total; 5 Open (100%); 0 Resolved (0%); 0 Verified (0%);


Meta Bugs

This list is here for completeness.

Full Query
| ID | Whiteboard | Summary | Status | Resolution | Priority | Assigned to |
| --- | --- | --- | --- | --- | --- | --- |
| 1260929 | [tor], [domsecurity-meta] | [META] Tor Patch Uplifting | NEW | | P3 | Ethan Tseng [:ethan] |

1 Total; 1 Open (100%); 0 Resolved (0%); 0 Verified (0%);


Completed Bugs

Patches that have been successfully uplifted (or [tor] tickets otherwise fixed)
<disabled-bugzilla>

 {
   "include_fields": "id, whiteboard, summary, status, resolution, priority, assigned_to",
   "f1":"status_whiteboard",
   "query_format":"advanced",
   "o1":"substring",
   "v1":"[tor",
   "order": "assigned_to,bug_id",
   "status":["RESOLVED"],
   "keywords_type":"nowords",
   "keywords":"meta",
   "resolution":["fixed", "duplicate"]
 }

</disabled-bugzilla>