ma1 pushed to branch tor-browser-102.11.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: dbec6cf6 by cypherpunks1 at 2023-05-24T09:21:07-08:00 fixup! Bug 23247: Communicating security expectations for .onion Bug 41785: Show http onion resources as secure in network monitor - - - - - 1 changed file: - devtools/shared/webconsole/network-helper.js Changes: ===================================== devtools/shared/webconsole/network-helper.js ===================================== @@ -600,6 +600,9 @@ var NetworkHelper = { // The request did not contain any security info. if (!securityInfo) { + if (httpActivity.hostname && httpActivity.hostname.endsWith(".onion")) { + info.state = "secure"; + } return info; } @@ -651,7 +654,11 @@ var NetworkHelper = { // schemes other than https and wss are subject to // downgrade/etc at the scheme level and should always be // considered insecure - info.state = "insecure"; + if (httpActivity.hostname && httpActivity.hostname.endsWith(".onion")) { + info.state = "secure"; + } else { + info.state = "insecure"; + } } else if (state & wpl.STATE_IS_SECURE) { // The connection is secure if the scheme is sufficient info.state = "secure"; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/dbec6cf6... -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/dbec6cf6... You're receiving this email because of your account on gitlab.torproject.org.