[tor-commits] [tor-browser/tor-browser-60.1.0esr-8.0-1] fixup! Bug 23247: Communicating security expectations for .onion

gk at torproject.org gk at torproject.org
Thu Aug 30 21:21:40 UTC 2018 

commit 4f22857f926d1e35d22709a247cca0aa3f8e560f
Author: Arthur Edelstein <arthuredelstein at gmail.com>
Date:   Wed Aug 29 21:43:38 2018 -0700

    fixup! Bug 23247: Communicating security expectations for .onion
    
    The mixed content blocker should not block a directly-loaded
    image from a .onion domain. We need to detect this situation
    earlier in nsMixedContentBlocker::ShouldLoad.
---
 dom/security/nsMixedContentBlocker.cpp | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/dom/security/nsMixedContentBlocker.cpp b/dom/security/nsMixedContentBlocker.cpp
index 7b0e5088a4de..c8f850e1300c 100644
--- a/dom/security/nsMixedContentBlocker.cpp
+++ b/dom/security/nsMixedContentBlocker.cpp
@@ -726,6 +726,17 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
     }
   }
 
+  bool isHttpScheme = false;
+  rv = innerContentLocation->SchemeIs("http", &isHttpScheme);
+  NS_ENSURE_SUCCESS(rv, rv);
+
+  // .onion URLs are encrypted and authenticated. Don't treat them as mixed
+  // content if potentially trustworthy (i.e. whitelisted).
+  if (isHttpScheme && IsPotentiallyTrustworthyOnion(innerContentLocation)) {
+    *aDecision = ACCEPT;
+    return NS_OK;
+  }
+
   nsCOMPtr<nsIDocShell> docShell = NS_CP_GetDocShellFromContext(aRequestingContext);
   NS_ENSURE_TRUE(docShell, NS_OK);
 
@@ -746,10 +757,6 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
     return NS_OK;
   }
 
-  bool isHttpScheme = false;
-  rv = innerContentLocation->SchemeIs("http", &isHttpScheme);
-  NS_ENSURE_SUCCESS(rv, rv);
-
   // Loopback origins are not considered mixed content even over HTTP. See:
   // https://w3c.github.io/webappsec-mixed-content/#should-block-fetch
   if (isHttpScheme &&
@@ -758,13 +765,6 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
     return NS_OK;
   }
 
-  // .onion URLs are encrypted and authenticated. Don't treat them as mixed
-  // content if potentially trustworthy (i.e. whitelisted).
-  if (isHttpScheme && IsPotentiallyTrustworthyOnion(innerContentLocation)) {
-    *aDecision = ACCEPT;
-    return NS_OK;
-  }
-
   // The page might have set the CSP directive 'upgrade-insecure-requests'. In such
   // a case allow the http: load to succeed with the promise that the channel will
   // get upgraded to https before fetching any data from the netwerk.

More information about the tor-commits mailing list