Skip to content
This repository has been archived by the owner on Dec 11, 2019. It is now read-only.

frontend changes for tor integration #12987

Closed
wants to merge 15 commits into from
Closed

frontend changes for tor integration #12987

wants to merge 15 commits into from

Conversation

diracdeltas
Copy link
Member

@diracdeltas diracdeltas commented Feb 1, 2018
edited
Loading

requires brave/muon#473
requires brave/muon#470
requires brave/muon#476

fix #12235
fix #1185
fix #8224
fix #12997
fix #13064
fix #13212
fix #13065
fix #12990
fix #13396
fix #13447
fix #12922
fix #13658
fix #13925

Test plans

Basic functionality

  1. Open a new private tab. The 'Use tor' and 'Use duckduckgo' switches should be on.
  2. Go to check.torproject.org in the private tab. It should say that you're using Tor.
  3. Go to check.torproject.org in a regular tab. It should not say that you're using Tor.
  4. Go to https://www.whatismyip.com/ in a second private tab. It should show a different IP than what was shown on check.torproject.org in the first private tab.
  5. Open a new private tab and do a search. It should go over duckduckgo.
  6. Open shields in a tor tab. It should show a warning that some sites don't work over Tor.
  7. Open shields in a regular tab. It shouldn't show a warning.

Enable/disable

  1. Disable Tor in a private tab. Disable DDG.
  2. Visit check.torproject.org in the tab. It should not say that you're using Tor. If you open more private tabs, you should see the same result.
  3. Re-enable Tor. DDG should be auto-enabled too.
  4. Go to check.torproject.org in the private tab. It should say that you're using Tor.
  5. Disable duckduckgo in the private tab. Do a search and it should go over Google now.

Issue 12990

  1. go to http://3expgpdnrrzezf7r.onion/ in a tor tab
  2. no icon should be in the urlbar
  3. go to https://3g2upl4pq6kufc4m.onion/
  4. you should see a lock icon

Issue 13347

  1. go to https://browserleaks.com/geo in a tor tab
  2. you should not see a prompt asking to access your location
  3. the tab should show "PERMISSION DENIED - user denied geolocation"

Plugins

  1. ensure flash is installed and enabled in preferences
  2. go to https://www.onlinemictest.com/webcam-test-in-adobe-flash/
  3. make sure there is no popup asking you to run flash
  4. right click on the flash click-to-play element (looks like a puzzle
    piece) on the page. no context menu should appear.
  5. go to https://shaka-player-demo.appspot.com in a tor private tab
  6. you should not see a widevine notification

Favicon leak

  1. Go to bing.com in a tor tab.
  2. Open the browser inspector (shift + fn + f8 on mac) and inspect the favicon in the tab area.
  3. It should show up as a data: URL instead of https://bing.com....

Search autocomplete

  1. In preferences > Search, enable 'autocomplete search term'
  2. Verify that it's working as expected in a regular tab
  3. Open a new Tor tab and type in the URL bar. You should not see autocomplete search results.

WebRTC

  1. Open https://browserleaks.com/webrtc in a Tor tab. It should not show any private IPs.

WebTorrent

  1. Open a new Tor tab
  2. Go to https://webtorrent.io/torrents/sintel.torrent
  3. It should not load webtorrent

New circuit

  1. Open a Tor tab.
  2. Go to check.torproject.org, note the IP.
  3. Do a hard refresh
  4. It should now show a different IP
  5. Do a regular refresh
  6. It should show the same IP
  7. Open another Tor tab, go to https://www.whatismyip.com/. Do a hard refresh. The IP should change.
  8. Go back to the original Tor tab, do a regular refresh. It should still show the same IP.

cc @riastradh-brave @darkdh

diracdeltas
diracdeltas commented Feb 6, 2018
View reviewed changes
app/filtering.js Outdated
if (!ses || !origin) {
return
}
ses.setTorNewIdentity(origin)
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it seems easier to just do ses.setTorNewIdentity(url) here instead of ses.setTorNewIdentity(origin) since new identity is actually set by host in Muon, not origin: brave/muon@7e052dd#diff-df5c427fd693f9ebb2e5952cf0e9c8c7R744

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just fixed in 9048d8a

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

btw, the correct value should be SiteInstance
brave/muon@c3d6769#diff-df5c427fd693f9ebb2e5952cf0e9c8c7R749

@diracdeltas diracdeltas mentioned this pull request Feb 6, 2018
Merged
@diracdeltas diracdeltas added this to the 0.24.x (master) milestone Mar 14, 2018
@darkdh
Copy link
Member

darkdh commented Mar 24, 2018

rebased against master

@codecov-io
Copy link

codecov-io commented Apr 3, 2018
edited
Loading

Codecov Report

Merging #12987 into master will decrease coverage by 0.14%.
The diff coverage is 29.5%.

@@            Coverage Diff             @@
##           master   #12987      +/-   ##
==========================================
- Coverage   56.45%   56.31%   -0.15%     
==========================================
  Files         284      284              
  Lines       29361    29516     +155     
  Branches     4877     4912      +35     
==========================================
+ Hits        16576    16621      +45     
- Misses      12785    12895     +110
Flag Coverage Δ
#unittest 56.31% <29.5%> (-0.15%) ⬇️
Impacted Files Coverage Δ
js/constants/appConfig.js 100% <ø> (ø) ⬆️
js/constants/config.js 55.55% <ø> (ø) ⬆️
js/stores/windowStore.js 28.65% <ø> (-0.11%) ⬇️
js/constants/appConstants.js 100% <ø> (ø) ⬆️
js/constants/settings.js 100% <ø> (ø) ⬆️
js/constants/messages.js 100% <ø> (ø) ⬆️
js/actions/appActions.js 18.44% <0%> (-0.72%) ⬇️
js/about/aboutActions.js 8.66% <0%> (-0.21%) ⬇️
js/flash.js 22.22% <0%> (-0.51%) ⬇️
js/stores/appStore.js 28.16% <0%> (-0.11%) ⬇️
... and 33 more

@diracdeltas diracdeltas modified the milestones: 0.24.x (Nightly Channel), 0.22.x Release 3 (Beta channel), 0.23.x (Developer Channel) May 1, 2018
riastradh-brave and others added 2 commits May 2, 2018 17:22
@riastradh-brave @diracdeltas
Tor MVP
25343a4 
Support isolated_storage and tor_proxy
requires brave/muon#473

Use Session::IsOffTheRecord to detect private tab
requires
brave/muon@edad1b2

Set Tor new identify
fix #12997
requires
brave/muon@7e052dd

Session::IsOffTheRecord for app/filtering

Refresh page after getting new identity
requires
brave/muon@c3d6769

implement switch Tor Private Tabs in about:newtab
set isTor depending on tor private tab setting and tor availability
close/re-open private tab when tor switch is toggled
Recreate tor private tab at the same index it was previously at
always enable new identity button for now

Disable search suggestions in private mode for Tor
Fix #13064

set ddg as default search engine in tor private tabs
fix #13212

Disable webtorrent in tor private mode
fix #13063

load favicons in Tor tabs as data: URLs
fix #13065

Omit unlocked icon for HTTP onion sites
Fix #12990
also fix unittests
Test Plan:
1. go to http://3expgpdnrrzezf7r.onion/ in a private tab
2. no icon should be in the urlbar
3. go to https://3g2upl4pq6kufc4m.onion/
4. you should see a lock icon

disable webrtc in tor mode
fix #13397
add note to shields panel about breakage in tor mode

Tor binary path will be passed from browser-laptop (#13455)

Disable widevine notification on Tor tabs
needed for #13396
Test Plan:
1. go to https://shaka-player-demo.appspot.com in a tor private tab
2. you should not see a widevine notification

disable plugins in Tor private tabs

Workaround browser-context-created not being emitted for tor tabs

Disable flash click to play on tor tabs
TODO: figure out a way to disable widevine on a per-tab basis
Test Plan:
1. ensure flash is installed and enabled in preferences
2. go to https://get.adobe.com/flashplayer/about/
3. make sure there is no popup asking you to run flash
4. right click on the flash click-to-play element (looks like a puzzle
   piece) on the page. no context menu should appear.

deny geolocation in tor mode
fix #13447

implement new tor tabs mockup
fix #12922

implement new Tor New Identity UX
fix #13658
Test Plan:
1. open new private tab
2. go to check.torproject.org and open shields
3. click 'new circuit' button in shields
4. it should reload the page and show a new IP
5. open shields again, click the info circle next to 'new circuit'
5. it should open a FAQ page

Bundling tor with Brave

Set the tor socks port and data directory. (#13641)
Pass the port and data directory down for tor to use depending on channel

bind tor new circuit to hard refresh in tor tabs
fix #13925

upgrade to muon 6.1.0 for tor API support
@diracdeltas
gitignore Tor binary
43864ae
@diracdeltas diracdeltas changed the title [WIP] frontend changes for tor integration frontend changes for tor integration May 3, 2018
@diracdeltas
Copy link
Member Author

0.23.x rebase: https://github.com/brave/browser-laptop/tree/tor/0.23.x

the only non-obvious thing about the rebase is that it will by default lose the Tor onion URL unit tests. you can cherry pick 1bd0041 to re-add them.

diracdeltas and others added 2 commits May 3, 2018 18:05
@diracdeltas
Use Node sha512 for windows compatibility
1c5ec3c
@riastradh-brave @diracdeltas
Make the tor binary executable on all platforms.
297afb2 
Also, do it to the binary, not to the zip file, on Windows.  Not sure
how this worked before!  Maybe the file got truncated rather than
replaced?

Auditors:
@diracdeltas
@jumde

Test Plan:

Launch Brave.  New private tab.  Turn on Tor.  Visit
https://check.torproject.org and confirm Tor is working.
@diracdeltas
initialize Tor partition at startup
cb9be30 
to reduce delay when opening the tor private tab, in preparation for
moving tor initialization to startup.

Auditors: @darkdh
diracdeltas
diracdeltas commented May 7, 2018
View reviewed changes
tools/package_tor.js Outdated
fs.createReadStream(torBinary).pipe(unzip.Extract({ path: torPath }))
}
// make it executable
fs.chmodSync(torBinary, 0o755)
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

works (still) on mac

@jumde could you check windows?

@diracdeltas
Copy link
Member Author

closing this in favor of #14143

@bsclifton bsclifton deleted the feature/tor branch July 27, 2018 17:20
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@darkdh darkdh darkdh left review comments

Assignees

@diracdeltas diracdeltas

@darkdh darkdh

Labels
feature/tor PR/work-in-progress ⚒
Projects
None yet
Milestone
0.23.x (Release Channel)
5 participants
@diracdeltas @darkdh @codecov-io @riastradh-brave @jumde