[tor-browser#32668] More reliable Security Level Reset on Tor / Mullvad Browser.

2024-10-29 10:15:03 +01:00 · 2024-10-29 10:15:03 +01:00 · 96b71bf15d
parent 5e8a8ed611
commit 96b71bf15d
3 changed files with 33 additions and 24 deletions
--- a/src/bg/Defaults.js
+++ b/src/bg/Defaults.js
@ -37,10 +37,11 @@ var Defaults = {
        TabGuardMode: "incognito",
        TabGuardPrompt: "post",
        cascadeRestrictions : false,
-        overrideTorBrowserPolicy: false, // note: Settings.update() on reset will flip this to true
+        overrideTorBrowserPolicy: false,
      }
    };
-    let defaultsClone = JSON.parse(JSON.stringify(defaults));
+
    const defaultsClone = JSON.parse(JSON.stringify(defaults));
    for (let [k, v] of Object.entries(defaults)) {
      let store = await Storage.get(k, k);
--- a/src/bg/Settings.js
+++ b/src/bg/Settings.js
@ -98,25 +98,7 @@ var Settings = {
    let reloadOptionsUI = false;
    if (isTorBrowser) {
-      // Tor Browser-specific settings
+      // Initialization or Security Level change message from Tor / Mullvad Browser
      ns.defaults.local.isTorBrowser = true; // prevents reset from forgetting
      ns.defaults.sync.cascadeRestrictions = true; // we want this to be the default even on reset
      Sites.onionSecure = true;
      ns.local.torBrowserPolicy = policy; // save for reset
      if (!this.gotTorBrowserInit) {
        // First initialization message from the Tor Browser
        this.gotTorBrowserInit = true;
        if (ns.sync.overrideTorBrowserPolicy) {
          // If the user chose to override Tor Browser's policy we skip
          // copying the Security Level preset on startup (only).
          // Manually changing the security level works as usual.
          ns.local.isTorBrowser = true;
          await Promise.all([ns.saveSession(), ns.save(ns.local)]);
          this.reloadOptionsUI();
          return;
        }
      }
      reloadOptionsUI = true;
      if (policy && policy.TRUSTED) {
@ -138,17 +120,38 @@ var Settings = {
        }
      }
-      let torBrowserSettings = {
+      const torBrowserSettings = {
        local: {
          isTorBrowser: true,
          torBrowserPolicy: policy, // save for reset
        },
        sync: {
          cascadeRestrictions: true,
        }
      }
-      for (let [storage, prefs] of Object.entries(torBrowserSettings)) {
+      for (const [storage, prefs] of Object.entries(torBrowserSettings)) {
        settings[storage] = Object.assign(settings[storage] || {}, prefs);
        // instantly mirror to ns.local & ns.sync
        Object.assign(ns[storage], prefs);
      }
      if (!ns.gotTorBrowserInit) {
        // This is the startup message
        ns.gotTorBrowserInit = true;
        await ns.saveSession();
        // Preserve user-overridden policy, since this
        // is not an user-triggered Security Level change
        if (ns.sync.overrideTorBrowserPolicy) {
          policy = null;
        }
      }
    }
    if (ns.local.isTorBrowser) {
      // prevents resets from forgetting Tor Browser settings
      ns.defaults.local.isTorBrowser = true;
      ns.defaults.local.torBrowserPolicy = ns.local.torBrowserPolicy;
      ns.defaults.sync.cascadeRestrictions = true;
    }
    if (settings.sync === null) {
@ -189,7 +192,10 @@ var Settings = {
  },
  createDefaultDryPolicy() {
-    let dp = new Policy().dry();
+    const dp = new Policy().dry();
    if (ns.local?.isTorBrowser) {
      return dp; // no default trusted sites
    }
    dp.sites.trusted = `
      addons.mozilla.org
      afx.ms ajax.aspnetcdn.com
--- a/src/bg/main.js
+++ b/src/bg/main.js
@ -71,12 +71,14 @@
        if (data) {
          ns.policy = new Policy(data.policy);
          ns.unrestrictedTabs = new Set(data.unrestrictedTabs);
          ns.gotTorBrowserInit = data.gotTorBrowserInit;
        }
      },
      beforeSave() { // beforeSave
        return {
          policy: ns.policy.dry(true),
          unrestrictedTabs: [...ns.unrestrictedTabs],
          gotTorBrowserInit: ns.gotTorBrowserInit,
        };
      },
    }