defense in depth against Flash/ledger running on tor tabs (#14482)

use the new torEnabled content script settings to block content scripts that
shouldn't be runnning in Tor tabs

fix #14480

Test Plan:
1. open tor tab
2. go to http://www.ultrasounds.com/
3. you should not see a notification to run flash

app/browser/api/ledger.js

@@ -33,6 +33,7 @@ const updateState = require('../../common/state/updateState')
 // Constants
 const settings = require('../../../js/constants/settings')
 const messages = require('../../../js/constants/messages')
+const appConfig = require('../../../js/constants/appConfig')
 const ledgerStatuses = require('../../common/constants/ledgerStatuses')
 
 // Utils
@@ -866,7 +867,7 @@ const shouldTrackTab = (state, tabId) => {
   }
   const partition = tabFromState.get('partition', '')
   const ses = session.fromPartition(partition)
-  const isPrivate = (ses && ses.isOffTheRecord()) || tabFromState.get('incognito')
+  const isPrivate = (ses && ses.isOffTheRecord()) || tabFromState.get('incognito') || partition === appConfig.tor.partition
   return !isPrivate && !tabFromState.isEmpty() && ledgerUtil.shouldTrackView(tabFromState)
 }
 

app/extensions/brave/content/scripts/blockCanvasFingerprinting.js

@@ -267,6 +267,6 @@ if (chrome.contentSettings.canvasFingerprinting == 'block') {
   blockWebRTC()
 }
 
-if (chrome.contentSettings.torEnabled == 'block') {
+if (isTorTab()) {
   blockWebRTC()
 }

app/extensions/brave/content/scripts/blockFlash.js

@@ -30,7 +30,7 @@ if (adobeRegex.test(window.location.href)) {
   }
 }
 
-if (chrome.contentSettings.flashEnabled == 'allow') {
+if (chrome.contentSettings.flashEnabled == 'allow' && !isTorTab()) {
   document.addEventListener('click', (e) => {
     let node = e.target
     while (!node.href && node.parentNode)
@@ -46,6 +46,6 @@ if (chrome.contentSettings.flashEnabled == 'allow') {
   })
 }
 
-if (chrome.contentSettings.plugins != 'allow') {
+if (chrome.contentSettings.plugins != 'allow' || isTorTab()) {
   executeScript(getBlockFlashPageScript())
 }

app/extensions/brave/content/scripts/flashListener.js

@@ -73,7 +73,7 @@ function hasHiddenFlashElement (elem) {
 
 // If Flash is enabled but not runnable, show a permission notification for small
 // Flash elements
-if (chrome.contentSettings.flashEnabled == 'allow' && chrome.contentSettings.flashAllowed != 'allow') {
+if (chrome.contentSettings.flashEnabled == 'allow' && chrome.contentSettings.flashAllowed != 'allow' && !isTorTab()) {
   const maxFlashAttempts = 3
   let flashAttempts = 0
   const intervalId = window.setInterval(() => {

app/extensions/brave/content/scripts/pageInformation.js

@@ -130,7 +130,7 @@
   if (window.top !== window.self) return
 
   // Don't allow ledger to run in incognito
-  if (chrome.extension.inIncognitoContext) {
+  if (chrome.extension.inIncognitoContext || isTorTab()) {
     return
   }
 

app/extensions/brave/content/scripts/util.js

@@ -36,3 +36,7 @@ function isPlatformOSX () {
 function hasWhitespace (text) {
   return /\s/g.test(text);
 }
+
+function isTorTab () {
+  return chrome.contentSettings.torEnabled != 'allow'
+}