[tor-commits] [tor-browser/tor-browser-52.2.0esr-7.0-1] Bug 21321: Add test for .onion whitelisting

gk at torproject.org gk at torproject.org
Thu Aug 3 09:10:55 UTC 2017


commit 7a03cca9991cfab93be16e9d5521bc58c35d4d44
Author: Georg Koppen <gk at torproject.org>
Date:   Mon Jul 24 10:23:00 2017 +0000

    Bug 21321: Add test for .onion whitelisting
---
 dom/security/test/unit/test_isOriginPotentiallyTrustworthy.js | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/dom/security/test/unit/test_isOriginPotentiallyTrustworthy.js b/dom/security/test/unit/test_isOriginPotentiallyTrustworthy.js
index 7de8faa8f9cb..206b79742505 100644
--- a/dom/security/test/unit/test_isOriginPotentiallyTrustworthy.js
+++ b/dom/security/test/unit/test_isOriginPotentiallyTrustworthy.js
@@ -21,6 +21,7 @@ XPCOMUtils.defineLazyServiceGetter(this, "gContentSecurityManager",
 
 var prefs = Cc["@mozilla.org/preferences-service;1"].getService(Ci.nsIPrefBranch);
 prefs.setCharPref("dom.securecontext.whitelist", "example.net,example.org");
+prefs.setBoolPref("dom.securecontext.whitelist_onions", false);
 
 add_task(function* test_isOriginPotentiallyTrustworthy() {
   for (let [uriSpec, expectedResult] of [
@@ -38,10 +39,18 @@ add_task(function* test_isOriginPotentiallyTrustworthy() {
     ["http://example.net/", true],
     ["ws://example.org/", true],
     ["chrome://example.net/content/messenger.xul", false],
+    ["http://1234567890abcdef.onion/", false],
   ]) {
     let uri = NetUtil.newURI(uriSpec);
     let principal = gScriptSecurityManager.getCodebasePrincipal(uri);
     Assert.equal(gContentSecurityManager.isOriginPotentiallyTrustworthy(principal),
                  expectedResult);
   }
+  // And now let's test whether .onion sites are properly treated when
+  // whitelisted, see bug 21321.
+  prefs.setBoolPref("dom.securecontext.whitelist_onions", true);
+  let uri = NetUtil.newURI("http://1234567890abcdef.onion/");
+  let principal = gScriptSecurityManager.getCodebasePrincipal(uri);
+  Assert.equal(gContentSecurityManager.isOriginPotentiallyTrustworthy(principal),
+               true);
 });



More information about the tor-commits mailing list