[tor-commits] [Git][tpo/applications/tor-browser][tor-browser-115.2.0esr-13.0-1] fixup! Bug 23247: Communicating security expectations for .onion
ma1 (@ma1)
git at gitlab.torproject.org
Fri Sep 8 22:07:34 UTC 2023
ma1 pushed to branch tor-browser-115.2.0esr-13.0-1 at The Tor Project / Applications / Tor Browser
Commits:
03a24c6d by cypherpunks1 at 2023-09-08T22:06:56+00:00
fixup! Bug 23247: Communicating security expectations for .onion
Bug 41934: Treat unencrypted websocket connections to onion services as secure
- - - - -
1 changed file:
- dom/websocket/WebSocket.cpp
Changes:
=====================================
dom/websocket/WebSocket.cpp
=====================================
@@ -1734,12 +1734,15 @@ nsresult WebSocketImpl::Init(JSContext* aCx, bool aIsSecure,
}
// Don't allow https:// to open ws://
- if (!mIsServerSide && !mSecure &&
+ if (!mIsServerSide && !mSecure && aIsSecure &&
!Preferences::GetBool("network.websocket.allowInsecureFromHTTPS",
false) &&
!nsMixedContentBlocker::IsPotentiallyTrustworthyLoopbackHost(
mAsciiHost)) {
- if (aIsSecure) {
+ nsCOMPtr<nsIURI> uri;
+ nsresult rv = NS_NewURI(getter_AddRefs(uri), mURI);
+ NS_ENSURE_SUCCESS(rv, rv);
+ if (!nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(uri)) {
return NS_ERROR_DOM_SECURITY_ERR;
}
}
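Review bot: The comment "Don't allow https:// to open ws://" above the condition no longer describes what the block does, because a secure context may now open ws:// when the target passes nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(uri). Update it to name the onion exception alongside the existing loopback one. Two smaller points in the new body. First, a failure of NS_NewURI(getter_AddRefs(uri), mURI) is propagated through NS_ENSURE_SUCCESS(rv, rv), so an unparsable mURI returns the parser's error code rather than NS_ERROR_DOM_SECURITY_ERR. That still fails closed, but returning the security error there would keep the blocked case uniform for callers. Second, the loopback exemption is tested in the outer condition on mAsciiHost while the onion exemption is tested in the inner if on a freshly parsed nsIURI. A one-line comment explaining why the two exemptions are checked in different places would help the next reader.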
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/03a24c6d2d0aefd323223134215fdd7e405cbf87