Pier Angelo Vendrame pushed to branch tor-browser-102.11.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
Commits: 4c0986cb by cypherpunks1 at 2023-05-23T14:06:01-08:00 fixup! Bug 23247: Communicating security expectations for .onion
Bug 33298: Warn when submitting form data from http onion sites over an insecure connection
- - - - -
1 changed file:
- dom/html/HTMLFormElement.cpp
Changes:
===================================== dom/html/HTMLFormElement.cpp ===================================== @@ -893,7 +893,10 @@ nsresult HTMLFormElement::DoSecureToInsecureSubmitCheck(nsIURI* aActionURL, formIsHTTPS = OwnerDoc()->GetDocumentURI()->SchemeIs("https"); } if (!formIsHTTPS) { - return NS_OK; + bool formIsOnion = nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(OwnerDoc()->GetDocumentURI()); + if (!formIsOnion) { + return NS_OK; + } }
if (nsMixedContentBlocker::IsPotentiallyTrustworthyLoopbackURL(aActionURL)) {
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/4c0986cb...