[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [Git][tpo/applications/tor-browser][tor-browser-102.11.0esr-12.5-1] fixup! Bug 23247: Communicating security expectations for .onion

Title: GitLab

Pier Angelo Vendrame pushed to branch tor-browser-102.11.0esr-12.5-1 at The Tor Project / Applications / Tor Browser

Commits:

  • 4c0986cb
    by cypherpunks1 at 2023-05-23T14:06:01-08:00 
    fixup! Bug 23247: Communicating security expectations for .onion

Bug 33298: Warn when submitting form data from http onion sites over an insecure connection

1 changed file:

Changes:

  • dom/html/HTMLFormElement.cpp
    ... ... @@ -893,7 +893,10 @@ nsresult HTMLFormElement::DoSecureToInsecureSubmitCheck(nsIURI* aActionURL,
    893 893 
         formIsHTTPS = OwnerDoc()->GetDocumentURI()->SchemeIs("https");
    894 894 
       }
    895 895 
       if (!formIsHTTPS) {
    896 
    -    return NS_OK;
    896 
    +    bool formIsOnion = nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(OwnerDoc()->GetDocumentURI());
    897 
    +    if (!formIsOnion) {
    898 
    +      return NS_OK;
    899 
    +    }
    897 900 
       }
    898 901
    899 902 
       if (nsMixedContentBlocker::IsPotentiallyTrustworthyLoopbackURL(aActionURL)) {


    • View it on GitLab.
    You're receiving this email because of your account on gitlab.torproject.org. Manage all notifications · Help 

    _______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits