Pier Angelo Vendrame pushed to branch tor-browser-102.11.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 4c0986cb by cypherpunks1 at 2023-05-23T14:06:01-08:00 fixup! Bug 23247: Communicating security expectations for .onion Bug 33298: Warn when submitting form data from http onion sites over an insecure connection - - - - - 1 changed file: - dom/html/HTMLFormElement.cpp Changes: ===================================== dom/html/HTMLFormElement.cpp ===================================== @@ -893,7 +893,10 @@ nsresult HTMLFormElement::DoSecureToInsecureSubmitCheck(nsIURI* aActionURL, formIsHTTPS = OwnerDoc()->GetDocumentURI()->SchemeIs("https"); } if (!formIsHTTPS) { - return NS_OK; + bool formIsOnion = nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(OwnerDoc()->GetDocumentURI()); + if (!formIsOnion) { + return NS_OK; + } } if (nsMixedContentBlocker::IsPotentiallyTrustworthyLoopbackURL(aActionURL)) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/4c0986cb... -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/4c0986cb... You're receiving this email because of your account on gitlab.torproject.org.