Microsoft is acquiring GitHub. Decentraleyes is leaving GitHub. Welcome to its new home!

To participate, please register, or sign in with an existing GitLab.com, Bitbucket, or GitHub account.

Past contributions on GitHub? Be sure to reclaim your Comments, Issues, and Pull Requests.

Commit 4360a8c6 authored by Thomas Rientjes's avatar Thomas Rientjes

Implement mobile-specific preference mappings

parent f22218c4
......@@ -15,23 +15,59 @@ const kSecuritySettings = {
// Preference name : [0-low 1-m 2-high]
"javascript.options.ion.content" : [true, false, false],
"javascript.options.typeinference" : [true, false, false],
"noscript.forbidMedia" : [false, true, true ],
"media.webaudio.enabled" : [true, false, false],
"mathml.disabled" : [false, true, true ],
"javascript.options.baselinejit.content" : [true, false, false],
"gfx.font_rendering.opentype_svg.enabled" : [true, false, false],
"noscript.global" : [true, false, false],
"noscript.globalHttpsWhitelist" : [false, true, false],
"noscript.forbidFonts" : [false, false, true ],
"svg.in-content.enabled" : [true, true, false],
"svg.in-content.enabled" : [true, true, false]
};
// The Security Settings prefs in question.
const kSliderPref = "extensions.tor-browser-settings@torproject.org.security_level";
const kCustomPref = "extensions.tor-browser-settings@torproject.org.security_custom";
const nsaPolicyPref = "extensions.nsa.policy";
const nsaStandard = {
"js": true,
"webgl": true,
"java": true,
"flash": true,
"silverlight": true,
"plugin": true,
"media": true,
"frame": true,
"font": true
};
const nsaSafest = {
"js": false,
"webgl": false,
"java": false,
"flash": false,
"silverlight": false,
"plugin": false,
"media": false,
"frame": false,
"font": false
};
// ### Prefs
var generate_nsa_policy = function () {
let currentNsaPolicy = get(nsaPolicyPref) || '{"UNTRUSTED":{},"TRUSTED":{"js":true,"webgl":true,"java":true,"flash":true,"silverlight":true,"plugin":true,"media":true,"frame":true,"font":true},"DEFAULT":{"frame":true},"mozilla.org":1,"mozilla.com":1,"mozilla.net":1,"google.com":1,"gstatic.com":1,"googleapis.com":1,"yahoo.com":1,"yimg.com":1,"yahooapis.com":1,"hotmail.com":1,"live.com":1,"wlxrs.com":1,"securecode.com":1,"recaptcha.net":1,"noscript.net":1,"flashgot.net":1,"informaction.com":1,"youtube.com":1,"ytimg.com":1}';
let securitySliderValue = get(kSliderPref);
currentNsaPolicy = JSON.parse(currentNsaPolicy);
currentNsaPolicy.UNTRUSTED = {};
if (securitySliderValue === 0 || securitySliderValue === "0") {
currentNsaPolicy.TRUSTED = nsaStandard;
currentNsaPolicy.DEFAULT = nsaStandard;
} else {
currentNsaPolicy.TRUSTED = nsaSafest;
currentNsaPolicy.DEFAULT = nsaSafest;
}
return JSON.stringify(currentNsaPolicy);
};
// __write_setting_to_prefs(settingIndex)__.
// Take a given setting index and write the appropriate pref values
// to the pref database.
......@@ -94,6 +130,7 @@ var initialize = function () {
return;
}
initialized = true;
set(nsaPolicyPref, generate_nsa_policy());
// When security_custom is set to false, apply security_slider setting
// to the security-sensitive prefs.
utils.bindPrefAndInit(kCustomPref, function (custom) {
......@@ -105,6 +142,7 @@ var initialize = function () {
// be set to false.
utils.bindPref(kSliderPref, function (prefIndex) {
set(kCustomPref, false);
set(nsaPolicyPref, generate_nsa_policy());
write_setting_to_prefs(prefIndex);
});
// If a security-sensitive pref changes, then decide if the set of pref values
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment