[tor-commits] [Git][tpo/applications/tor-browser][tor-browser-115.3.1esr-13.0-1] fixup! Bug 27476: Implement about:torconnect captive portal within Tor Browser
richard (@richard)
git at gitlab.torproject.org
Tue Oct 10 17:07:51 UTC 2023
richard pushed to branch tor-browser-115.3.1esr-13.0-1 at The Tor Project / Applications / Tor Browser
Commits:
c02fa5a8 by hackademix at 2023-10-10T16:58:37+00:00
fixup! Bug 27476: Implement about:torconnect captive portal within Tor Browser
Bug 41766: Sanitize about:torconnect redirects.
- - - - -
1 changed file:
- browser/components/torconnect/content/aboutTorConnect.js
Changes:
=====================================
browser/components/torconnect/content/aboutTorConnect.js
=====================================
@@ -822,15 +822,21 @@ class AboutTorConnect {
}
async init() {
+ // if the user gets here manually or via the button in the urlbar
+ // then we will redirect to about:tor
+ this.redirect = "about:tor";
+
// see if a user has a final destination after bootstrapping
let params = new URLSearchParams(new URL(document.location.href).search);
if (params.has("redirect")) {
- const encodedRedirect = params.get("redirect");
- this.redirect = decodeURIComponent(encodedRedirect);
- } else {
- // if the user gets here manually or via the button in the urlbar
- // then we will redirect to about:tor
- this.redirect = "about:tor";
+ try {
+ const redirect = new URL(decodeURIComponent(params.get("redirect")));
+ if (/^(?:https?|about):$/.test(redirect.protocol)) {
+ this.redirect = redirect.href;
+ }
+ } catch (e) {
+ console.error(e, `Invalid redirect URL "${params.get("redirect")}"!`);
+ }
}
let args = await RPMSendQuery("torconnect:get-init-args");
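Review bot: In the new `try` block, `params.get("redirect")` is already percent-decoded by `URLSearchParams`, so wrapping it in `decodeURIComponent` decodes the value a second time. Unless the code that builds this link encodes the parameter twice, a destination that still contains a `%` after the first decode either throws `URIError` (silently falling back to `about:tor`) or is rewritten before the scheme check sees it. Consider passing `params.get("redirect")` directly to `new URL(...)`, or add a comment stating that double encoding is expected. Separately, the `about` alternative in the regex admits every `about:` page, not only `about:tor`. If only specific internal pages are valid destinations, an explicit list would be tighter, and a one-line comment on why these three schemes are allowed would help future readers.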
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/c02fa5a83953f1463981a5576386177129bed16e