[tor-commits] [tor-browser] 02/03: fixup! Bug 21952: Implement Onion-Location
gitolite role
git at cupani.torproject.org
Tue Oct 25 17:23:33 UTC 2022
This is an automated email from the git hooks/post-receive script.
pierov pushed a commit to branch tor-browser-102.4.0esr-12.0-1
in repository tor-browser.
commit 2c885618ed0e1e7779f89160f75cb920b2c79264
Author: Pier Angelo Vendrame <pierov at torproject.org>
AuthorDate: Tue Oct 25 10:54:25 2022 +0200
fixup! Bug 21952: Implement Onion-Location
Bug 40491: Don't auto-pick a v2 address when it's in Onion-Location header
---
dom/base/Document.cpp | 57 +++++++++++++++++++++++++++++++++++++++++----------
1 file changed, 46 insertions(+), 11 deletions(-)
diff --git a/dom/base/Document.cpp b/dom/base/Document.cpp
index 6ddf6f9e4283..9001556d0232 100644
--- a/dom/base/Document.cpp
+++ b/dom/base/Document.cpp
@@ -6831,18 +6831,53 @@ void Document::GetHeaderData(nsAtom* aHeaderField, nsAString& aData) const {
static bool IsValidOnionLocation(nsIURI* aDocumentURI,
nsIURI* aOnionLocationURI) {
- bool isHttpish;
+ if (!aDocumentURI || !aOnionLocationURI) {
+ return false;
+ }
+
+ // Current URI
nsAutoCString host;
- return aDocumentURI && aOnionLocationURI &&
- NS_SUCCEEDED(aDocumentURI->SchemeIs("https", &isHttpish)) &&
- isHttpish && NS_SUCCEEDED(aDocumentURI->GetAsciiHost(host)) &&
- !StringEndsWith(host, ".onion"_ns) &&
- ((NS_SUCCEEDED(aOnionLocationURI->SchemeIs("http", &isHttpish)) &&
- isHttpish) ||
- (NS_SUCCEEDED(aOnionLocationURI->SchemeIs("https", &isHttpish)) &&
- isHttpish)) &&
- NS_SUCCEEDED(aOnionLocationURI->GetAsciiHost(host)) &&
- StringEndsWith(host, ".onion"_ns);
+ if (!aDocumentURI->SchemeIs("https")) {
+ return false;
+ }
+ NS_ENSURE_SUCCESS(aDocumentURI->GetAsciiHost(host), false);
+ if (StringEndsWith(host, ".onion"_ns)) {
+ // Already in the .onion site
+ return false;
+ }
+
+ // Target URI
+ if (!aOnionLocationURI->SchemeIs("http") &&
+ !aOnionLocationURI->SchemeIs("https")) {
+ return false;
+ }
+ nsCOMPtr<nsIEffectiveTLDService> eTLDService =
+ do_GetService(NS_EFFECTIVETLDSERVICE_CONTRACTID);
+ if (!eTLDService) {
+ NS_ENSURE_SUCCESS(aOnionLocationURI->GetAsciiHost(host), false);
+ // This should not happen, but in the unlikely case, still check if it is a
+ // .onion and in case allow it.
+ return StringEndsWith(host, ".onion"_ns);
+ }
+ NS_ENSURE_SUCCESS(eTLDService->GetBaseDomain(aOnionLocationURI, 0, host),
+ false);
+ if (!StringEndsWith(host, ".onion"_ns)) {
+ return false;
+ }
+
+ // Ignore v2
+ if (host.Length() == 22) {
+ const char* cur = host.BeginWriting();
+ // We have already checked that it ends by ".onion"
+ const char* end = host.EndWriting() - 6;
+ bool base32 = true;
+ for (; cur < end && base32; ++cur) {
+ base32 = isalpha(*cur) || ('2' <= *cur && *cur <= '7');
+ }
+ return !base32;
+ }
+
+ return true;
}
void Document::SetHeaderData(nsAtom* aHeaderField, const nsAString& aData) {
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the tor-commits
mailing list