[tor-commits] [Git][tpo/applications/tor-browser][tor-browser-115.7.0esr-13.5-1] Bug 42374: Check for spoof English in number conversions

Pier Angelo Vendrame (@pierov) git at gitlab.torproject.org
Thu Jan 18 13:17:49 UTC 2024



Pier Angelo Vendrame pushed to branch tor-browser-115.7.0esr-13.5-1 at The Tor Project / Applications / Tor Browser


Commits:
a7932fac by Pier Angelo Vendrame at 2024-01-18T11:10:48+01:00
Bug 42374: Check for spoof English in number conversions

Some of the code that converts numbers to strings for inputs uses ICU
functions to localize numbers, but it does not check for spoof English.

Also, not all functions where consistent in the conversion, so this
commit addresses also this.

- - - - -


2 changed files:

- dom/html/input/NumericInputTypes.cpp
- intl/unicharutil/util/ICUUtils.cpp


Changes:

=====================================
dom/html/input/NumericInputTypes.cpp
=====================================
@@ -52,11 +52,7 @@ nsresult NumericInputTypeBase::GetRangeOverflowMessage(nsAString& aMessage) {
   MOZ_ASSERT(!maximum.isNaN());
 
   nsAutoString maxStr;
-  char buf[32];
-  DebugOnly<bool> ok = maximum.toString(buf, ArrayLength(buf));
-  maxStr.AssignASCII(buf);
-  MOZ_ASSERT(ok, "buf not big enough");
-
+  ConvertNumberToString(maximum, maxStr);
   return nsContentUtils::FormatMaybeLocalizedString(
       aMessage, nsContentUtils::eDOM_PROPERTIES,
       "FormValidationNumberRangeOverflow", mInputElement->OwnerDoc(), maxStr);
@@ -67,11 +63,7 @@ nsresult NumericInputTypeBase::GetRangeUnderflowMessage(nsAString& aMessage) {
   MOZ_ASSERT(!minimum.isNaN());
 
   nsAutoString minStr;
-  char buf[32];
-  DebugOnly<bool> ok = minimum.toString(buf, ArrayLength(buf));
-  minStr.AssignASCII(buf);
-  MOZ_ASSERT(ok, "buf not big enough");
-
+  ConvertNumberToString(minimum, minStr);
   return nsContentUtils::FormatMaybeLocalizedString(
       aMessage, nsContentUtils::eDOM_PROPERTIES,
       "FormValidationNumberRangeUnderflow", mInputElement->OwnerDoc(), minStr);


=====================================
intl/unicharutil/util/ICUUtils.cpp
=====================================
@@ -49,6 +49,13 @@ void ICUUtils::LanguageTagIterForContent::GetNext(nsACString& aBCP47LangTag) {
     mCurrentFallbackIndex = 2;
     // Else take the app's locale:
 
+    const bool spoofLocale = nsContentUtils::SpoofLocaleEnglish() &&
+                             !mContent->OwnerDoc()->AllowsL10n();
+    if (spoofLocale) {
+      aBCP47LangTag.AssignLiteral("en-US");
+      return;
+    }
+
     nsAutoCString appLocale;
     LocaleService::GetInstance()->GetAppLocaleAsBCP47(aBCP47LangTag);
     return;



View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/a7932fac62c8a955bdc3f08a9b81b7f2562a4eff

-- 
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/a7932fac62c8a955bdc3f08a9b81b7f2562a4eff
You're receiving this email because of your account on gitlab.torproject.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-commits/attachments/20240118/80ba6d41/attachment-0001.htm>


More information about the tor-commits mailing list