From: Soren Stoutner Date: Fri, 25 Aug 2017 20:09:34 +0000 (-0700) Subject: Update the Guide screenshots. X-Git-Tag: v2.5~2 X-Git-Url: https://gitweb.stoutner.com/?p=PrivacyBrowserAndroid.git;a=commitdiff_plain;h=49655ec36b1119810105b04a81e7ef38933213f0;hp=b06ccc7ee187d3921b49fd89e80cb0fb6d47e9d9 Update the Guide screenshots. --- diff --git a/.idea/misc.xml b/.idea/misc.xml index 1caa1363..95f0f031 100644 --- a/.idea/misc.xml +++ b/.idea/misc.xml @@ -37,7 +37,7 @@ - + diff --git a/app/src/main/assets/de/guide_ssl_certificate_pinning.html b/app/src/main/assets/de/guide_ssl_certificate_pinning.html new file mode 100644 index 00000000..8fb49250 --- /dev/null +++ b/app/src/main/assets/de/guide_ssl_certificate_pinning.html @@ -0,0 +1,65 @@ + + + + + + + + + +

Connect with Confidence

+ +

When visiting an encrypted URL (one that begins with HTTPS), the webserver uses an SSL certificate to both encrypt the information sent to the browser and to identify the server. + The purpose of the server identification is to prevent a machine located between the browser and the webserver from pretending to be the server and decrypting the information in transit. + This type of attack is known as a Man In The Middle (MITM) attack. SSL certificates are generated by certificate authorities: companies that verify a serverâs identity and produce a certificate for a fee. + Android has a list of trusted certificate authorities, and will accept any of their certificates for any website. + It isnât supposed to be possible for an organization to acquire an SSL certificate for a domain they do not control, but in practice many governments and large corporations have been able to do so.

+ +

The purpose of SSL certificate pinning is to tell the browser that only one specific SSL certificate is to be trusted for a particular domain. Any other certificate, even if it is valid, will be rejected.

+ +

SSL certificates expire on a specified date, so even pinned SSL certificates will legitimately need to be updated from time to time. + As a general rule, pinning SSL certificates probably isnât needed in the majority of cases. + But for those who suspect that powerful organizations may be targeting them, SSL certificate pinning can detect and thwart a MITM attack.

+ +

SSL certificates can be pinned in Domain Settings. + Besides protecting against MITM attacks, pinning a self-signed certificate for a device like a wireless router or access point will remove the error message that is normally presented every time its website is loaded.

+ + \ No newline at end of file diff --git a/app/src/main/assets/de/guide_user_agent.html b/app/src/main/assets/de/guide_user_agent.html index 72de603f..4f447406 100644 --- a/app/src/main/assets/de/guide_user_agent.html +++ b/app/src/main/assets/de/guide_user_agent.html @@ -56,9 +56,8 @@ mobile Browser.

Privacy Browser nutzt standardmÃ¤Ãig den auf dem GerÃ¤t in WebView integrierten User Agent. - Sie kÃ¶nnen nachsehen, welcher es ist, wenn Sie in die Einstellungen gehen und den User - Agent auf WebView-Standard stellen. Der Screenshot unten zeigt ein Nexus 6P mit Android 6.0.1 - und installiertem Android System WebView 52.0.2743.98.

+ Sie kÃ¶nnen nachsehen, welcher es ist, wenn Sie in die Einstellungen gehen und den User Agent auf WebView-Standard stellen. + Der Screenshot unten zeigt ein Nexus 6P mit Android 7.1.2 und installiertem Android System WebView 60.0.3112.107.

diff --git a/app/src/main/assets/de/images/advertising_id.png b/app/src/main/assets/de/images/advertising_id.png index 6cad3631..5b4978e1 100644 Binary files a/app/src/main/assets/de/images/advertising_id.png and b/app/src/main/assets/de/images/advertising_id.png differ diff --git a/app/src/main/assets/de/images/domain_settings.png b/app/src/main/assets/de/images/domain_settings.png index 16493855..c4fe96db 100644 Binary files a/app/src/main/assets/de/images/domain_settings.png and b/app/src/main/assets/de/images/domain_settings.png differ diff --git a/app/src/main/assets/de/images/pinned_ssl_certificate.png b/app/src/main/assets/de/images/pinned_ssl_certificate.png new file mode 100644 index 00000000..363a1dc0 Binary files /dev/null and b/app/src/main/assets/de/images/pinned_ssl_certificate.png differ diff --git a/app/src/main/assets/de/images/ssl_certificate_mismatch.png b/app/src/main/assets/de/images/ssl_certificate_mismatch.png new file mode 100644 index 00000000..e437c8b7 Binary files /dev/null and b/app/src/main/assets/de/images/ssl_certificate_mismatch.png differ diff --git a/app/src/main/assets/de/images/tor.png b/app/src/main/assets/de/images/tor.png index 376d1e8c..d2c88469 100644 Binary files a/app/src/main/assets/de/images/tor.png and b/app/src/main/assets/de/images/tor.png differ diff --git a/app/src/main/assets/de/images/user_agent.png b/app/src/main/assets/de/images/user_agent.png index 3e26e775..96c6c911 100644 Binary files a/app/src/main/assets/de/images/user_agent.png and b/app/src/main/assets/de/images/user_agent.png differ diff --git a/app/src/main/assets/en/guide_ssl_certificate_pinning.html b/app/src/main/assets/en/guide_ssl_certificate_pinning.html index df3271bb..a06431bd 100644 --- a/app/src/main/assets/en/guide_ssl_certificate_pinning.html +++ b/app/src/main/assets/en/guide_ssl_certificate_pinning.html @@ -41,7 +41,7 @@ -

Know Where Youâre Going

Connect with Confidence

When visiting an encrypted URL (one that begins with HTTPS), the webserver uses an SSL certificate to both encrypt the information sent to the browser and to identify the server. The purpose of the server identification is to prevent a machine located between the browser and the webserver from pretending to be the server and decrypting the information in transit. diff --git a/app/src/main/assets/en/guide_user_agent.html b/app/src/main/assets/en/guide_user_agent.html index a8c6238c..096793bc 100644 --- a/app/src/main/assets/en/guide_user_agent.html +++ b/app/src/main/assets/en/guide_user_agent.html @@ -45,26 +45,31 @@

Browser Identification

When web browsers connect to websites, they send a user agent, which identifies the browser and the rendering capabilities it possesses. The web server can use this information to decide which version of the - website to send to the browser. For example, many websites have different versions for desktop and mobile browsers.

When web browsers connect to websites, they send a user agent, which identifies the browser and the rendering capabilities it possesses. + The web server can use this information to decide which version of the website to send to the browser. + For example, many websites have different versions for desktop and mobile browsers.

By default, Privacy Browser uses its own user agent, which is PrivacyBrowser/1.0. This sends a minimum of information to the web server. Because web servers do not recognize this to be a mobile user agent, - they typically display the desktop version of the site.

By default, Privacy Browser uses its own user agent, which is PrivacyBrowser/1.0. This sends a minimum of information to the web server. + Because web servers do not recognize this to be a mobile user agent, they typically display the desktop version of the site.

By comparison, WebViewâs default user agent divulges a large amount of information about the hardware and software of the device. On the Settings screen, selecting WebView Default as the - User agent displays the user agent that will be sent. The screenshot below shows a Nexus 6P running Android 7.1.1 with Android System WebView 55.0.2883.91 installed. Most web servers will recognize this as - a mobile browser and will display the mobile version of the site if they have one.

By comparison, WebViewâs default user agent divulges a large amount of information about the hardware and software of the device. + On the Settings screen, selecting WebView Default as the User agent displays the user agent that will be sent. + The screenshot below shows a Nexus 6P running Android 7.1.2 with Android System WebView 60.0.3112.107 installed. + Most web servers will recognize this as a mobile browser and will display the mobile version of the site if they have one.

There is enough information in the user agent that sometimes only a few visitors to a website will be the same. If the user agent is combined with another piece of non-unique identifying information, often it results in a unique fingerprint. - The Electronic Frontier Foundation created a tool called Panopticlick to demonstrate how much information can be gleaned from these sources. If this test is run with JavaScript enabled the - amount of information that is disclosed increases greatly. Browser Leaks and Am I Unique are also good sources of information.

There is enough information in the user agent that sometimes only a few visitors to a website will be the same. + If the user agent is combined with another piece of non-unique identifying information, often it results in a unique fingerprint. + The Electronic Frontier Foundation created a tool called Panopticlick to demonstrate how much information can be gleaned from these sources. + If this test is run with JavaScript enabled the amount of information that is disclosed increases greatly. + Browser Leaks and Am I Unique are also good sources of information.

There are several preset user agents that match common browsers and operating systems. For browser fingerprinting purposes, anything that is rare is easier to track. If Privacy Browser becomes common and many people use PrivacyBrowser/1.0 - as their user agent, it will be a good choice for privacy. Firefox or Chrome are the most common user agents, but they auto-update and their version numbers change so quickly that it is likely the user agents included in Privacy Browser +

There are several preset user agents that match common browsers and operating systems. For browser fingerprinting purposes, anything that is rare is easier to track. + If Privacy Browser becomes common and many people use PrivacyBrowser/1.0 as their user agent, it will be a good choice for privacy. + Firefox or Chrome are the most common user agents, but they auto-update and their version numbers change so quickly that it is likely the user agents included in Privacy Browser will often be out of step with the majority of user agents in the server logs.

Androidâs WebView does not allow the user agent to be blank. If it is, WebView simply sends the default user agent to the server.

diff --git a/app/src/main/assets/en/images/advertising_id.png b/app/src/main/assets/en/images/advertising_id.png index 7f05a57b..2d811f3c 100644 Binary files a/app/src/main/assets/en/images/advertising_id.png and b/app/src/main/assets/en/images/advertising_id.png differ diff --git a/app/src/main/assets/en/images/domain_settings.png b/app/src/main/assets/en/images/domain_settings.png index 3d4e9d02..b768699b 100644 Binary files a/app/src/main/assets/en/images/domain_settings.png and b/app/src/main/assets/en/images/domain_settings.png differ diff --git a/app/src/main/assets/en/images/green_url_bar.png b/app/src/main/assets/en/images/green_url_bar.png index 778ba0b6..93045bcd 100644 Binary files a/app/src/main/assets/en/images/green_url_bar.png and b/app/src/main/assets/en/images/green_url_bar.png differ diff --git a/app/src/main/assets/en/images/panopticlick.png b/app/src/main/assets/en/images/panopticlick.png index e8170c09..509e5676 100644 Binary files a/app/src/main/assets/en/images/panopticlick.png and b/app/src/main/assets/en/images/panopticlick.png differ diff --git a/app/src/main/assets/en/images/tor.png b/app/src/main/assets/en/images/tor.png index f6495fa2..fd029995 100644 Binary files a/app/src/main/assets/en/images/tor.png and b/app/src/main/assets/en/images/tor.png differ diff --git a/app/src/main/assets/en/images/user_agent.png b/app/src/main/assets/en/images/user_agent.png index f55c5cc7..3e5fb3c3 100644 Binary files a/app/src/main/assets/en/images/user_agent.png and b/app/src/main/assets/en/images/user_agent.png differ diff --git a/app/src/main/assets/en/images/webkay.png b/app/src/main/assets/en/images/webkay.png index 09a1b5e7..da008421 100644 Binary files a/app/src/main/assets/en/images/webkay.png and b/app/src/main/assets/en/images/webkay.png differ diff --git a/app/src/main/assets/es/guide_javascript.html b/app/src/main/assets/es/guide_javascript.html index 0dad0931..1f7a577d 100644 --- a/app/src/main/assets/es/guide_javascript.html +++ b/app/src/main/assets/es/guide_javascript.html @@ -70,8 +70,8 @@ (los cuales indican que Javascript estÃ¡ deshabilitado) y rojo

(Javascript habilitado). Revisar la diferente informaciÃ³n que webkay puede recoger con Javascript habilitado y deshabilitado es informativo.

Navegar por internet con Javascript deshabilitado, y sÃ³lo habilitarlo cuando sea necesario, hace mucho en proteger la privacidad del usuario. AdemÃ¡s, Javascript se usa para cargar muchos de - los molestos anuncios y demÃ¡s basura que viene con las mÃ¡s modernas pÃ¡ginas web. Al deshabilitarlo, las pÃ¡ginas web cargarÃ¡n mÃ¡s rÃ¡pido, consumirÃ¡n menos trÃ¡fico de red, - y contendrÃ¡n menos molestos anuncios, en lugar de aquellos que hacen cosas como cubrir el texto de toda la pÃ¡gina web.

Navegar por internet con Javascript deshabilitado, y sÃ³lo habilitarlo cuando sea necesario, hace mucho en proteger la privacidad del usuario. + AdemÃ¡s, Javascript se usa para cargar muchos de los molestos anuncios y demÃ¡s basura que viene con las mÃ¡s modernas pÃ¡ginas web. + Al deshabilitarlo, las pÃ¡ginas web cargarÃ¡n mÃ¡s rÃ¡pido, consumirÃ¡n menos trÃ¡fico de red y contendrÃ¡n menos anuncios molestos, como aquellos que cubren el texto de toda la pÃ¡gina web.

\ No newline at end of file diff --git a/app/src/main/assets/es/guide_ssl_certificate_pinning.html b/app/src/main/assets/es/guide_ssl_certificate_pinning.html new file mode 100644 index 00000000..e24ba756 --- /dev/null +++ b/app/src/main/assets/es/guide_ssl_certificate_pinning.html @@ -0,0 +1,67 @@ + + + + + + + + + +

Conectarse con confianza

+ +

Al visitar una URL cifrada (que empieza con HTTPS), el servidor web usa un certificado SSL para cifrar tanto la informaciÃ³n enviada al navegador como asimismo para identificar al servidor. + El propÃ³sito de la identificaciÃ³n del servidor es para prevenir que una mÃ¡quina ubicada entre el navegador y el servidor web pretenda ser el servidor y descifrar la informaciÃ³n en trÃ¡nsito. + Este clase de ataque es conocido como Hombre en Medio (MITM en sus iniciales en inglÃ©s). + Los certificados SSL son generados por las autoridades certificadoras: compaÃ±Ãas que verifican la identidad de un servidor y producen un certificado a cambio de una tarifa. + Android tiene una lista de autoridades certificadoras de confianza y aceptarÃ¡ cualquiera de sus certificados para cualquier pÃ¡gina web. + Se supone que no es posible que una organizaciÃ³n adquiera un certificado SSL para un dominio que no controla, pero en la prÃ¡ctica muchos gobiernos y grandes corporaciones han sido capaces de hacerlo.

+ +

El propÃ³sito de la fijaciÃ³n de certificado SSL es para decir al navegador que sÃ³lo un certificado SSL especÃfico es confiable para un dominio particular. + Cualquier otro certificado, aunque sea vÃ¡lido, serÃ¡ rechazado.

+ +

Los certificados SSL expiran en una fecha especificada, por lo que incluso los certificados SSL fijados necesitarÃ¡n legÃtimamente ser actualizados de vez en cuando. + Como regla general, fijar los certificados SSL probablemente no sea necesario en la mayorÃa de los casos. + Pero para aquellos que sospechan que organizaciones poderosas puedan estar aputando hacia ellos, la fijaciÃ³n de certificados SSL puede detectar y frustar un ataque MITM.

+ +

Los certificados SSL pueden ser fijados en ConfiguraciÃ³n de Dominios. + AdemÃ¡s de proteger contra ataques MITM, fijar un certificado autofirmado para un dispositivo como un router inalÃ¡mbrico o punto de acceso eliminarÃ¡ el mensaje de error que se presenta normalmente cada vez que se carga su pÃ¡gina web.

+ + \ No newline at end of file diff --git a/app/src/main/assets/es/guide_user_agent.html b/app/src/main/assets/es/guide_user_agent.html index f3cdca19..f32e67d9 100644 --- a/app/src/main/assets/es/guide_user_agent.html +++ b/app/src/main/assets/es/guide_user_agent.html @@ -56,7 +56,7 @@

En comparaciÃ³n, el agente de usuario por defecto de WebView divulga una gran cantidad de informaciÃ³n sobre el hardware y el software del dispositivo. En la ventana ConfiguraciÃ³n, seleccionando WebView por defecto como el Agente de usuario muestra el agente de usuario que se enviarÃ¡. - La captura de pantalla de abajo muestra un Nexus 6P corriendo Android 7.1.1 con el sistema de android WebView 55.0.2883.91 instalado. + La captura de pantalla de abajo muestra un Nexus 6P corriendo Android 7.1.2 con el sistema de android WebView 60.0.3112.107 instalado. La mayorÃa de servidores web reconocerÃ¡n esto como un navegador mÃ³vil y mostrarÃ¡ la versiÃ³n mÃ³vil del sitio si dispone de ella.

diff --git a/app/src/main/assets/es/images/advertising_id.png b/app/src/main/assets/es/images/advertising_id.png index 66efaaf7..b4c22825 100644 Binary files a/app/src/main/assets/es/images/advertising_id.png and b/app/src/main/assets/es/images/advertising_id.png differ diff --git a/app/src/main/assets/es/images/domain_settings.png b/app/src/main/assets/es/images/domain_settings.png index ddeb0025..949a2cc3 100644 Binary files a/app/src/main/assets/es/images/domain_settings.png and b/app/src/main/assets/es/images/domain_settings.png differ diff --git a/app/src/main/assets/es/images/pinned_ssl_certificate.png b/app/src/main/assets/es/images/pinned_ssl_certificate.png new file mode 100644 index 00000000..7572d9d5 Binary files /dev/null and b/app/src/main/assets/es/images/pinned_ssl_certificate.png differ diff --git a/app/src/main/assets/es/images/ssl_certificate_mismatch.png b/app/src/main/assets/es/images/ssl_certificate_mismatch.png new file mode 100644 index 00000000..39dac108 Binary files /dev/null and b/app/src/main/assets/es/images/ssl_certificate_mismatch.png differ diff --git a/app/src/main/assets/es/images/tor.png b/app/src/main/assets/es/images/tor.png index 1b6cd109..b470bbf9 100644 Binary files a/app/src/main/assets/es/images/tor.png and b/app/src/main/assets/es/images/tor.png differ diff --git a/app/src/main/assets/es/images/user_agent.png b/app/src/main/assets/es/images/user_agent.png index 1bdc7b84..1164e0bc 100644 Binary files a/app/src/main/assets/es/images/user_agent.png and b/app/src/main/assets/es/images/user_agent.png differ diff --git a/app/src/main/assets/it/guide_ssl_certificate_pinning.html b/app/src/main/assets/it/guide_ssl_certificate_pinning.html new file mode 100644 index 00000000..8fb49250 --- /dev/null +++ b/app/src/main/assets/it/guide_ssl_certificate_pinning.html @@ -0,0 +1,65 @@ + + + + + + + + + +

Connect with Confidence

+ +

+ + \ No newline at end of file diff --git a/app/src/main/assets/it/guide_user_agent.html b/app/src/main/assets/it/guide_user_agent.html index be408e72..308335c2 100644 --- a/app/src/main/assets/it/guide_user_agent.html +++ b/app/src/main/assets/it/guide_user_agent.html @@ -50,23 +50,27 @@

Nel momento in cui un browser si connette ai siti web, invia uno user agent che identifica il browser e le sue caratteristiche di rendering. Il web server puÃ² utilizzare tali informazioni per decidere quale versione del sito inviare al browser. Molti siti web infatti sono disponibili in versioni diverse a seconda che vi si acceda con browser da PC (desktop) o da dispositivo mobile.

Per default Privacy Browser utilizza un proprio user agent (o identificazione), ovvero PrivacyBrowser/1.0. Questo invia un set minimo di informazioni al web server. Dal momento che i web server non lo riconoscono come uno user agent di un dispositivo mobile, - generalmente inviano la versione desktop del sito.

Per default Privacy Browser utilizza un proprio user agent (o identificazione), ovvero PrivacyBrowser/1.0. Questo invia un set minimo di informazioni al web server. + Dal momento che i web server non lo riconoscono come uno user agent di un dispositivo mobile, generalmente inviano la versione desktop del sito.

In confronto, lo user agent di default di WebView invia una grande quantitÃ di informazioni sull'hardware e sul software del dispositivo. Sulla schermata Settings, selezionando WebView Default come - User agent viene mostrato lo user agent che sarÃ inviato al web server. Lo screenshot sottostante mostra un Nexus 6P con Android 7.1.1 con installato Android System WebView 55.0.2883.91. La maggior parte dei web server lo riconoscerÃ come - browser mobile e invierÃ la versione mobile del sito, se disponibile.

In confronto, lo user agent di default di WebView invia una grande quantitÃ di informazioni sull'hardware e sul software del dispositivo. + Sulla schermata Settings, selezionando WebView Default come User agent viene mostrato lo user agent che sarÃ inviato al web server. + Lo screenshot sottostante mostra un Nexus 6P con Android 7.1.2 con installato Android System WebView 60.0.3112.107. + La maggior parte dei web server lo riconoscerÃ come browser mobile e invierÃ la versione mobile del sito, se disponibile.

Nello user agent sono presenti informazioni sufficienti a far sÃ¬ che solo di tanto in tanto a un sito web risulteranno visitatori identici. Se allo user agent viene aggiunto qualche altro pezzetto di informazione anche non univoca, spesso il risultato sarÃ quello di avere una impronta digitale unica. - La Electronic Frontier Foundation ha creato un tool dal nome Panopticlick per dimostrare quante informazioni possono essere raccolte. Se si esegue questo test con JavaScript abilitato - la quantitÃ di informazioni Ã¨ poi ancora maggiore. Browser Leaks e Am I Unique possono fornire ulteriori interessanti informazioni al riguardo.

Nello user agent sono presenti informazioni sufficienti a far sÃ¬ che solo di tanto in tanto a un sito web risulteranno visitatori identici. + Se allo user agent viene aggiunto qualche altro pezzetto di informazione anche non univoca, spesso il risultato sarÃ quello di avere una impronta digitale unica. + La Electronic Frontier Foundation ha creato un tool dal nome Panopticlick per dimostrare quante informazioni possono essere raccolte. + Se si esegue questo test con JavaScript abilitato la quantitÃ di informazioni Ã¨ poi ancora maggiore. + Browser Leaks e Am I Unique possono fornire ulteriori interessanti informazioni al riguardo.

Sono disponibili diversi user agent predefiniti che identificano i browser e i sistemi operativi piÃ¹ comuni. Dal punto di vista dell'impronta digitale del browser, piÃ¹ Ã¨ rara, piÃ¹ Ã¨ facile da tracciare. Nel caso in cui Privacy Browser diventi di uso comune, e molti utenti utilizzino PrivacyBrowser/1.0 - come user agent, sarÃ una buona scelta dal punto di vista della privacy. Firefox o Chrome sono gli user agents piÃ¹ comuni, ma vengono aggiornati spesso e il loro numero di versione cambia cosÃ¬ di frequente che lo user agent incluso in Privacy Browser molto facilmente +

Sono disponibili diversi user agent predefiniti che identificano i browser e i sistemi operativi piÃ¹ comuni. Dal punto di vista dell'impronta digitale del browser, piÃ¹ Ã¨ rara, piÃ¹ Ã¨ facile da tracciare. + Nel caso in cui Privacy Browser diventi di uso comune, e molti utenti utilizzino PrivacyBrowser/1.0 come user agent, sarÃ una buona scelta dal punto di vista della privacy. + Firefox o Chrome sono gli user agents piÃ¹ comuni, ma vengono aggiornati spesso e il loro numero di versione cambia cosÃ¬ di frequente che lo user agent incluso in Privacy Browser molto facilmente sarÃ rimasto indietro rispetto alla maggior parte degli user agent tracciati nei log dei server.

WebView di Android non permette che lo user agent non sia specificato. In tal caso infatti, WebView invia al server lo user agent di default.

diff --git a/app/src/main/assets/it/images/advertising_id.png b/app/src/main/assets/it/images/advertising_id.png index b596fadb..c0a66699 100644 Binary files a/app/src/main/assets/it/images/advertising_id.png and b/app/src/main/assets/it/images/advertising_id.png differ diff --git a/app/src/main/assets/it/images/domain_settings.png b/app/src/main/assets/it/images/domain_settings.png index f86a2b76..42dda2a6 100644 Binary files a/app/src/main/assets/it/images/domain_settings.png and b/app/src/main/assets/it/images/domain_settings.png differ diff --git a/app/src/main/assets/it/images/pinned_ssl_certificate.png b/app/src/main/assets/it/images/pinned_ssl_certificate.png new file mode 100644 index 00000000..9e9ed394 Binary files /dev/null and b/app/src/main/assets/it/images/pinned_ssl_certificate.png differ diff --git a/app/src/main/assets/it/images/ssl_certificate_mismatch.png b/app/src/main/assets/it/images/ssl_certificate_mismatch.png new file mode 100644 index 00000000..8826bb1d Binary files /dev/null and b/app/src/main/assets/it/images/ssl_certificate_mismatch.png differ diff --git a/app/src/main/assets/it/images/tor.png b/app/src/main/assets/it/images/tor.png index fe626c22..4d084959 100644 Binary files a/app/src/main/assets/it/images/tor.png and b/app/src/main/assets/it/images/tor.png differ diff --git a/app/src/main/assets/it/images/user_agent.png b/app/src/main/assets/it/images/user_agent.png index 0e6a4b1e..a382d8f8 100644 Binary files a/app/src/main/assets/it/images/user_agent.png and b/app/src/main/assets/it/images/user_agent.png differ diff --git a/app/src/main/java/com/stoutner/privacybrowser/activities/GuideActivity.java b/app/src/main/java/com/stoutner/privacybrowser/activities/GuideActivity.java index ea19f3a3..68be2b5e 100644 --- a/app/src/main/java/com/stoutner/privacybrowser/activities/GuideActivity.java +++ b/app/src/main/java/com/stoutner/privacybrowser/activities/GuideActivity.java @@ -76,7 +76,7 @@ public class GuideActivity extends AppCompatActivity { @Override // Get the count of the number of tabs. public int getCount() { - return 7; + return 8; } @Override diff --git a/app/src/main/java/com/stoutner/privacybrowser/activities/MainWebViewActivity.java b/app/src/main/java/com/stoutner/privacybrowser/activities/MainWebViewActivity.java index 975814a6..33ae5b2d 100644 --- a/app/src/main/java/com/stoutner/privacybrowser/activities/MainWebViewActivity.java +++ b/app/src/main/java/com/stoutner/privacybrowser/activities/MainWebViewActivity.java @@ -153,7 +153,6 @@ public class MainWebViewActivity extends AppCompatActivity implements Navigation // The pinned domain SSL Certificate variables are public static so they can be accessed from `PinnedSslCertificateMismatchDialog`. They are also used in `onCreate()` and `applyDomainSettings()`. public static int domainSettingsDatabaseId; - public static boolean pinnedDomainSslCertificate; public static String pinnedDomainSslIssuedToCNameString; public static String pinnedDomainSslIssuedToONameString; public static String pinnedDomainSslIssuedToUNameString; @@ -313,6 +312,9 @@ public class MainWebViewActivity extends AppCompatActivity implements Navigation // `urlIsLoading` is used in `onCreate()`, `loadUrl()`, and `applyDomainSettings()`. private boolean urlIsLoading; + // `pinnedDomainSslCertificate` is used in `onCreate()` and `applyDomainSettings()`. + private boolean pinnedDomainSslCertificate; + @Override // Remove Android Studio's warning about the dangers of using SetJavaScriptEnabled. The whole premise of Privacy Browser is built around an understanding of these dangers. diff --git a/app/src/main/java/com/stoutner/privacybrowser/adapters/HistoryArrayAdapter.java b/app/src/main/java/com/stoutner/privacybrowser/adapters/HistoryArrayAdapter.java index a606e83d..0ebed74a 100644 --- a/app/src/main/java/com/stoutner/privacybrowser/adapters/HistoryArrayAdapter.java +++ b/app/src/main/java/com/stoutner/privacybrowser/adapters/HistoryArrayAdapter.java @@ -37,7 +37,7 @@ import java.util.ArrayList; public class HistoryArrayAdapter extends ArrayAdapter { // `currentPage` is used in `HistoryArrayAdapter` and `getView()`. - private int currentPage; + private final int currentPage; public HistoryArrayAdapter(Context context, ArrayList historyArrayList, int currentPageId) { // We need to call `super` from the base `ArrayAdapter`. `0` is the `textViewResourceId`. diff --git a/app/src/main/java/com/stoutner/privacybrowser/definitions/History.java b/app/src/main/java/com/stoutner/privacybrowser/definitions/History.java index 9d54cd9e..f37ee7c7 100644 --- a/app/src/main/java/com/stoutner/privacybrowser/definitions/History.java +++ b/app/src/main/java/com/stoutner/privacybrowser/definitions/History.java @@ -24,8 +24,8 @@ import android.graphics.Bitmap; // Create a `History` object. public class History { // Create the `History` package-local variables. - public Bitmap entryFavoriteIcon; - public String entryUrl; + public final Bitmap entryFavoriteIcon; + public final String entryUrl; public History(Bitmap entryFavoriteIcon, String entryUrl){ // Populate the package-local variables. diff --git a/app/src/main/java/com/stoutner/privacybrowser/dialogs/UrlHistoryDialog.java b/app/src/main/java/com/stoutner/privacybrowser/dialogs/UrlHistoryDialog.java index 29918032..8a703929 100644 --- a/app/src/main/java/com/stoutner/privacybrowser/dialogs/UrlHistoryDialog.java +++ b/app/src/main/java/com/stoutner/privacybrowser/dialogs/UrlHistoryDialog.java @@ -51,7 +51,7 @@ import java.util.ArrayList; public class UrlHistoryDialog extends AppCompatDialogFragment{ // `historyArrayList` and `currentPageId` pass information from `onCreate()` to `onCreateDialog()`. - private ArrayList historyArrayList = new ArrayList<>(); + private final ArrayList historyArrayList = new ArrayList<>(); private int currentPageId; public static UrlHistoryDialog loadBackForwardList(Context context, WebBackForwardList webBackForwardList) { diff --git a/app/src/main/res/values-es/strings.xml b/app/src/main/res/values-es/strings.xml index 6c1ea32c..ec864095 100644 --- a/app/src/main/res/values-es/strings.xml +++ b/app/src/main/res/values-es/strings.xml @@ -86,7 +86,7 @@ Actualizar SSL - No coincide el certificado SSL + No coinciden los certificados SSL SSL actual SSL fijado @@ -194,7 +194,6 @@ El nombre de dominio ya existe AÃ±adir Nombre de dominio - ConfiguraciÃ³n de dominio guardada Dominio borrado *. puede ser aÃ±adido a un dominio para incluir todos los subdominios (p.ej. *.stoutner.com)

@@ -211,6 +210,7 @@ GuÃa de Navegador Privado VisiÃ³n general Almacenamiento local + FijaciÃ³n de certificados SSL Rastreo de IDs diff --git a/app/src/main/res/values-it/strings.xml b/app/src/main/res/values-it/strings.xml index e278dd3a..443ab4cd 100644 --- a/app/src/main/res/values-it/strings.xml +++ b/app/src/main/res/values-it/strings.xml @@ -190,7 +190,6 @@ Il nome del Dominio Ã¨ giÃ esistente Aggiungi Nome del Dominio - Impostazioni Domini Salvate Dominio Eliminato Ã¨ possibile anteporre *. a un dominio per includere tutti i sottodomini (es. *.stoutner.com)

diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml index 8315ce56..dc777450 100644 --- a/app/src/main/res/values/strings.xml +++ b/app/src/main/res/values/strings.xml @@ -199,7 +199,6 @@ Domain name already exists Add Domain name - Domain settings saved Domain deleted *. may be prepended to a domain to include all subdomains (eg. *.stoutner.com)

Connect with Confidence

Know Where Youâre Going

Connect with Confidence

Browser Identification

Conectarse con confianza

Connect with Confidence

Know Where Youâre Going