commit 5837ac47afae9ca736ec4c4fedf0d83d6a601bc9 Author: Arthur Edelstein <arthuredelstein@gmail.com> Date: Fri Sep 9 22:50:47 2016 -0700 Bug 17334: Spoof referrer when leaving a .onion domain Note I also remove a superfluous and confusing line, `currentHost = referrerHost;` --- netwerk/protocol/http/HttpBaseChannel.cpp | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/netwerk/protocol/http/HttpBaseChannel.cpp b/netwerk/protocol/http/HttpBaseChannel.cpp index 76c4a9a..8d9a408 100644 --- a/netwerk/protocol/http/HttpBaseChannel.cpp +++ b/netwerk/protocol/http/HttpBaseChannel.cpp @@ -14,6 +14,7 @@ #include "nsMimeTypes.h" #include "nsNetCID.h" #include "nsNetUtil.h" +#include "nsReadableUtils.h" #include "nsICachingChannel.h" #include "nsIDOMDocument.h" @@ -1389,13 +1390,15 @@ HttpBaseChannel::SetReferrerWithPolicy(nsIURI *referrer, return NS_OK; } - // send spoofed referrer if desired - if (userSpoofReferrerSource) { + bool leavingOnion = !currentHost.Equals(referrerHost) && + StringEndsWith(referrerHost, NS_LITERAL_CSTRING(".onion")); + + // send spoofed referrer if desired by user, or if we are leaving a .onion + if (userSpoofReferrerSource || leavingOnion) { nsCOMPtr<nsIURI> mURIclone; rv = mURI->CloneIgnoringRef(getter_AddRefs(mURIclone)); if (NS_FAILED(rv)) return rv; clone = mURIclone; - currentHost = referrerHost; } // strip away any userpass; we don't want to be giving out passwords ;-)