
[tor-commits] [Git][tpo/applications/tor-browser][tor-browser-102.7.0esr-12.5-1] amend! Bug 8324: Prevent DNS proxy bypasses caused by Drag&Drop




Richard Pospesel pushed to branch tor-browser-102.7.0esr-12.5-1 at The Tor Project / Applications / Tor Browser

Commits:

  • 1ac8520e
    by hackademix at 2023-02-07T09:27:49+01:00
    amend! Bug 8324: Prevent DNS proxy bypasses caused by Drag&Drop
    
    Bug 8324: Prevent DNS proxy bypasses caused by Drag&Drop
    Bug 41613: Skip Drag & Drop filtering for DNS-safe URLs
    

1 changed file:

Changes:

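--- a/toolkit/torbutton/components/dragDropFilter.js
+++ b/toolkit/torbutton/components/dragDropFilter.js
@@ -113,6 +113,25 @@ DragDropFilter.prototype = {
     for (let i = 0, count = aDataTransfer.mozItemCount; i < count; ++i) {
       this.logger.log(3, `Inspecting the data transfer: ${i}.`);
       const types = aDataTransfer.mozTypesAt(i);
+      const urlType = "text/x-moz-url";
+      // Fallback url type, to be parsed by this browser but not externally
+      const INTERNAL_FALLBACK = "application/x-torbrowser-opaque";
+      if (types.contains(urlType)) {
+        const links = aDataTransfer.mozGetDataAt(urlType, i);
+        // Skip DNS-safe URLs (no hostname, e.g. RFC 3966 tel:)
+        const mayLeakDNS = links.split("\n").some(link => {
+          try {
+            return new URL(link).hostname;
+          } catch (e) {
+            return false;
+          }
+        });
+        if (!mayLeakDNS) {
+          continue;
+        }
+        const opaqueKey = OpaqueDrag.store(links, urlType);
+        aDataTransfer.mozSetDataAt(INTERNAL_FALLBACK, opaqueKey, i);
+      }
       for (const type of types) {
         this.logger.log(3, `Type is: ${type}.`);
         if (URLISH_TYPES.includes(type)) {
@@ -120,14 +139,6 @@ DragDropFilter.prototype = {
             3,
             `Removing transfer data ${aDataTransfer.mozGetDataAt(type, i)}`
           );
-          const urlType = "text/x-moz-url";
-          // Fallback url type, to be parsed by this browser but not externally
-          const INTERNAL_FALLBACK = "application/x-torbrowser-opaque";
-          if (types.contains(urlType)) {
-            const link = aDataTransfer.mozGetDataAt(urlType, i);
-            const opaqueKey = OpaqueDrag.store(link, urlType);
-            aDataTransfer.mozSetDataAt(INTERNAL_FALLBACK, opaqueKey, i);
-          }
           for (const type of types) {
             if (
               type !== INTERNAL_FALLBACK &&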
