[tbb-commits] [tor-browser/tor-browser-60.1.0esr-8.0-1] fixup! Bug 23247: Communicating security expectations for .onion
gk at torproject.org
gk at torproject.org
Thu Aug 30 21:21:40 UTC 2018
commit 4f22857f926d1e35d22709a247cca0aa3f8e560f
Author: Arthur Edelstein <arthuredelstein at gmail.com>
Date: Wed Aug 29 21:43:38 2018 -0700
fixup! Bug 23247: Communicating security expectations for .onion
The mixed content blocker should not block a directly-loaded
image from a .onion domain. We need to detect this situation
earlier in nsMixedContentBlocker::ShouldLoad.
---
dom/security/nsMixedContentBlocker.cpp | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/dom/security/nsMixedContentBlocker.cpp b/dom/security/nsMixedContentBlocker.cpp
index 7b0e5088a4de..c8f850e1300c 100644
--- a/dom/security/nsMixedContentBlocker.cpp
+++ b/dom/security/nsMixedContentBlocker.cpp
@@ -726,6 +726,17 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
}
}
+ bool isHttpScheme = false;
+ rv = innerContentLocation->SchemeIs("http", &isHttpScheme);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ // .onion URLs are encrypted and authenticated. Don't treat them as mixed
+ // content if potentially trustworthy (i.e. whitelisted).
+ if (isHttpScheme && IsPotentiallyTrustworthyOnion(innerContentLocation)) {
+ *aDecision = ACCEPT;
+ return NS_OK;
+ }
+
nsCOMPtr<nsIDocShell> docShell = NS_CP_GetDocShellFromContext(aRequestingContext);
NS_ENSURE_TRUE(docShell, NS_OK);
@@ -746,10 +757,6 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
return NS_OK;
}
- bool isHttpScheme = false;
- rv = innerContentLocation->SchemeIs("http", &isHttpScheme);
- NS_ENSURE_SUCCESS(rv, rv);
-
// Loopback origins are not considered mixed content even over HTTP. See:
// https://w3c.github.io/webappsec-mixed-content/#should-block-fetch
if (isHttpScheme &&
@@ -758,13 +765,6 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
return NS_OK;
}
- // .onion URLs are encrypted and authenticated. Don't treat them as mixed
- // content if potentially trustworthy (i.e. whitelisted).
- if (isHttpScheme && IsPotentiallyTrustworthyOnion(innerContentLocation)) {
- *aDecision = ACCEPT;
- return NS_OK;
- }
-
// The page might have set the CSP directive 'upgrade-insecure-requests'. In such
// a case allow the http: load to succeed with the promise that the channel will
// get upgraded to https before fetching any data from the netwerk.
More information about the tbb-commits
mailing list