ma1 pushed to branch tor-browser-115.0esrbase-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 82c31751 by cypherpunks1 at 2023-07-12T16:18:15-08:00 fixup! Bug 23247: Communicating security expectations for .onion Bug 41399: Enable brotli encoding for http onions - - - - - 1 changed file: - netwerk/protocol/http/HttpBaseChannel.cpp Changes: ===================================== netwerk/protocol/http/HttpBaseChannel.cpp ===================================== @@ -340,6 +340,7 @@ void HttpBaseChannel::AddClassificationFlags(uint32_t aClassificationFlags, static bool isSecureOrTrustworthyURL(nsIURI* aURI) { return aURI->SchemeIs("https") || + nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(aURI) || (StaticPrefs::network_http_encoding_trustworthy_is_https() && nsMixedContentBlocker::IsPotentiallyTrustworthyLoopbackURL(aURI)); } @@ -366,7 +367,6 @@ nsresult HttpBaseChannel::Init(nsIURI* aURI, uint32_t aCaps, // Construct connection info object nsAutoCString host; int32_t port = -1; - bool isHTTPS = isSecureOrTrustworthyURL(mURI); nsresult rv = mURI->GetAsciiHost(host); if (NS_FAILED(rv)) return rv; @@ -395,7 +395,7 @@ nsresult HttpBaseChannel::Init(nsIURI* aURI, uint32_t aCaps, if (NS_FAILED(rv)) return rv; rv = gHttpHandler->AddStandardRequestHeaders( - &mRequestHead, isHTTPS, aContentPolicyType, + &mRequestHead, isSecureOrTrustworthyURL(mURI), aContentPolicyType, nsContentUtils::ShouldResistFingerprinting(this)); if (NS_FAILED(rv)) return rv; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/82c31751... -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/82c31751... You're receiving this email because of your account on gitlab.torproject.org.