ma1 pushed to branch tor-browser-115.2.0esr-13.0-1 at The Tor Project / 
Applications / Tor Browser


Commits:
03a24c6d by cypherpunks1 at 2023-09-08T22:06:56+00:00
fixup! Bug 23247: Communicating security expectations for .onion

Bug 41934: Treat unencrypted websocket connections to onion services as secure

- - - - -


1 changed file:

- dom/websocket/WebSocket.cpp


Changes:

=====================================
dom/websocket/WebSocket.cpp
=====================================
@@ -1734,12 +1734,15 @@ nsresult WebSocketImpl::Init(JSContext* aCx, bool 
aIsSecure,
   }
 
   // Don't allow https:// to open ws://
-  if (!mIsServerSide && !mSecure &&
+  if (!mIsServerSide && !mSecure && aIsSecure &&
       !Preferences::GetBool("network.websocket.allowInsecureFromHTTPS",
                             false) &&
       !nsMixedContentBlocker::IsPotentiallyTrustworthyLoopbackHost(
           mAsciiHost)) {
-    if (aIsSecure) {
+    nsCOMPtr<nsIURI> uri;
+    nsresult rv = NS_NewURI(getter_AddRefs(uri), mURI);
+    NS_ENSURE_SUCCESS(rv, rv);
+    if (!nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(uri)) {
       return NS_ERROR_DOM_SECURITY_ERR;
     }
   }
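Review bot: The comment `// Don't allow https:// to open ws://` above the condition no longer describes the check, because a secure context may now open ws:// when the target passes `nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(uri)`; I would reword it to `// Don't allow https:// to open ws://, except to loopback hosts or to .onion hosts the mixed content blocker treats as potentially trustworthy`. The onion exemption is decided on a URI re-parsed from `mURI`, while the loopback exemption next to it uses `mAsciiHost`; both presumably come from the same parsed URL, and a one-line comment saying so would let a reader confirm the two checks cannot disagree about the host. If `NS_NewURI` fails, `NS_ENSURE_SUCCESS(rv, rv)` still refuses the connection, which is the safe direction, but the caller gets the parser's error code rather than `NS_ERROR_DOM_SECURITY_ERR`, which deserves a comment if any caller distinguishes the two. `WebSocketImpl::Init` starts and ends outside this hunk and the helper's definition is not shown, so whether the exemption is gated by a preference cannot be confirmed from here.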



View it on GitLab: 
https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/03a24c6d2d0aefd323223134215fdd7e405cbf87
