commit c1821b690103332c8838baff520f1a4db207b132
parent fa01026f77710dc4980b0c5b93ef943466b321d6
Author: Matthew Finkel <sysrqb@torproject.org>
Date: Fri, 3 Sep 2021 14:58:28 +0000
BB 41598: Prevent NoScript from being removed/disabled.
Bug 40253: Explicitly allow NoScript in Private Browsing mode.
Diffstat:
2 files changed, 27 insertions(+), 0 deletions(-)
diff --git a/toolkit/components/extensions/Extension.sys.mjs b/toolkit/components/extensions/Extension.sys.mjs
@@ -970,6 +970,15 @@ export class ExtensionData {
}
/**
+ * Whether this is the NoScript extension.
+ *
+ * @type {boolean}
+ */
+ get isNoScript() {
+ return this.id === "{73a6fe31-595d-460b-a920-fcc0f8843232}";
+ }
+
+ /**
* A factory function that allows the construction of ExtensionData, with
* the isPrivileged flag computed asynchronously.
*
@@ -4311,6 +4320,15 @@ export class Extension extends ExtensionData {
}
}
+ // tor-browser#40253: Explicitly allow NoScript in Private Browsing mode.
+ if (this.isNoScript) {
+ lazy.ExtensionPermissions.add(this.id, {
+ permissions: [PRIVATE_ALLOWED_PERMISSION],
+ origins: [],
+ });
+ this.permissions.add(PRIVATE_ALLOWED_PERMISSION);
+ }
+
// We only want to update the SVG_CONTEXT_PROPERTIES_PERMISSION during
// install and upgrade/downgrade startups.
if (INSTALL_AND_UPDATE_STARTUP_REASONS.has(this.startupReason)) {
diff --git a/toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs b/toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs
@@ -855,6 +855,15 @@ export class AddonInternal {
}
}
+ // Bug 41598: prevent NoScript from being uninstalled/disabled
+ if (this.id === "{73a6fe31-595d-460b-a920-fcc0f8843232}") {
+ permissions &= ~(
+ lazy.AddonManager.PERM_CAN_UNINSTALL |
+ lazy.AddonManager.PERM_CAN_DISABLE |
+ lazy.AddonManager.PERM_CAN_CHANGE_PRIVATEBROWSING_ACCESS
+ );
+ }
+
return permissions;
}
