ma1 pushed to branch tor-browser-115.2.0esr-13.0-1 at The Tor Project / Applications / Tor Browser
Commits:
-
255203a3
by cypherpunks1 at 2023-08-21T19:11:56+00:00
-
3f596978
by cypherpunks1 at 2023-08-21T19:11:56+00:00
-
5073f134
by cypherpunks1 at 2023-08-21T19:11:56+00:00
4 changed files:
- browser/components/torcircuit/content/torCircuitPanel.js
- toolkit/components/reader/AboutReader.sys.mjs
- toolkit/components/reader/ReaderMode.sys.mjs
- toolkit/components/tor-launcher/TorDomainIsolator.sys.mjs
Changes:
| ... | ... | @@ -276,7 +276,18 @@ var gTorCircuitPanel = { |
| 276 | 276 | // will match up with the domain.
|
| 277 | 277 | // In contrast, documentURI corresponds to the shown page. E.g. it could
|
| 278 | 278 | // point to "about:certerror".
|
| 279 | - const scheme = browser.currentURI?.scheme;
|
|
| 279 | + let scheme = browser.currentURI?.scheme;
|
|
| 280 | + if (scheme === "about" && browser.currentURI?.filePath === "reader") {
|
|
| 281 | + const searchParams = new URLSearchParams(browser.currentURI.query);
|
|
| 282 | + if (searchParams.has("url")) {
|
|
| 283 | + try {
|
|
| 284 | + const uri = Services.io.newURI(searchParams.get("url"));
|
|
| 285 | + scheme = uri.scheme;
|
|
| 286 | + } catch (err) {
|
|
| 287 | + this._log.error(err);
|
|
| 288 | + }
|
|
| 289 | + }
|
|
| 290 | + }
|
|
| 280 | 291 | |
| 281 | 292 | if (
|
| 282 | 293 | this._currentBrowserData &&
|
| ... | ... | @@ -788,6 +788,7 @@ AboutReader.prototype = { |
| 788 | 788 | try {
|
| 789 | 789 | article = await ReaderMode.downloadAndParseDocument(
|
| 790 | 790 | url,
|
| 791 | + { ...this._doc.nodePrincipal?.originAttributes },
|
|
| 791 | 792 | docContentType
|
| 792 | 793 | );
|
| 793 | 794 | } catch (e) {
|
| ... | ... | @@ -231,11 +231,12 @@ export var ReaderMode = { |
| 231 | 231 | * Downloads and parses a document from a URL.
|
| 232 | 232 | *
|
| 233 | 233 | * @param url URL to download and parse.
|
| 234 | + * @param attrs OriginAttributes to use for the request.
|
|
| 234 | 235 | * @return {Promise}
|
| 235 | 236 | * @resolves JS object representing the article, or null if no article is found.
|
| 236 | 237 | */
|
| 237 | - async downloadAndParseDocument(url, docContentType = "document") {
|
|
| 238 | - let result = await this._downloadDocument(url, docContentType);
|
|
| 238 | + async downloadAndParseDocument(url, attrs = {}, docContentType = "document") {
|
|
| 239 | + let result = await this._downloadDocument(url, attrs, docContentType);
|
|
| 239 | 240 | if (!result?.doc) {
|
| 240 | 241 | return null;
|
| 241 | 242 | }
|
| ... | ... | @@ -258,9 +259,11 @@ export var ReaderMode = { |
| 258 | 259 | return article;
|
| 259 | 260 | },
|
| 260 | 261 | |
| 261 | - _downloadDocument(url, docContentType = "document") {
|
|
| 262 | + _downloadDocument(url, attrs = {}, docContentType = "document") {
|
|
| 263 | + let uri;
|
|
| 262 | 264 | try {
|
| 263 | - if (!lazy.Readerable.shouldCheckUri(Services.io.newURI(url))) {
|
|
| 265 | + uri = Services.io.newURI(url);
|
|
| 266 | + if (!lazy.Readerable.shouldCheckUri(uri)) {
|
|
| 264 | 267 | return null;
|
| 265 | 268 | }
|
| 266 | 269 | } catch (ex) {
|
| ... | ... | @@ -272,9 +275,15 @@ export var ReaderMode = { |
| 272 | 275 | let histogram = Services.telemetry.getHistogramById(
|
| 273 | 276 | "READER_MODE_DOWNLOAD_RESULT"
|
| 274 | 277 | );
|
| 278 | + try {
|
|
| 279 | + attrs.firstPartyDomain = Services.eTLD.getSchemelessSite(uri);
|
|
| 280 | + } catch (e) {
|
|
| 281 | + console.error("Failed to get first party domain for about:reader", e);
|
|
| 282 | + }
|
|
| 275 | 283 | return new Promise((resolve, reject) => {
|
| 276 | 284 | let xhr = new XMLHttpRequest();
|
| 277 | 285 | xhr.open("GET", url, true);
|
| 286 | + xhr.setOriginAttributes(attrs);
|
|
| 278 | 287 | xhr.onerror = evt => reject(evt.error);
|
| 279 | 288 | xhr.responseType = docContentType === "text/plain" ? "text" : "document";
|
| 280 | 289 | xhr.onload = evt => {
|
| ... | ... | @@ -300,6 +300,17 @@ class TorDomainIsolatorImpl { |
| 300 | 300 | const channel = aChannel.QueryInterface(Ci.nsIChannel);
|
| 301 | 301 | let firstPartyDomain = channel.loadInfo.originAttributes.firstPartyDomain;
|
| 302 | 302 | const userContextId = channel.loadInfo.originAttributes.userContextId;
|
| 303 | + const loadingPrincipalURI = channel.loadInfo.loadingPrincipal?.URI;
|
|
| 304 | + if (loadingPrincipalURI?.spec.startsWith("about:reader")) {
|
|
| 305 | + try {
|
|
| 306 | + const searchParams = new URLSearchParams(loadingPrincipalURI.query);
|
|
| 307 | + if (searchParams.has("url")) {
|
|
| 308 | + firstPartyDomain = Services.eTLD.getSchemelessSite(Services.io.newURI(searchParams.get("url")));
|
|
| 309 | + }
|
|
| 310 | + } catch (e) {
|
|
| 311 | + logger.error("Failed to get first party domain for about:reader", e);
|
|
| 312 | + }
|
|
| 313 | + }
|
|
| 303 | 314 | if (!firstPartyDomain) {
|
| 304 | 315 | firstPartyDomain = CATCHALL_DOMAIN;
|
| 305 | 316 | if (Date.now() - this.#catchallDirtySince > CATCHALL_MAX_LIFETIME) {
|
| ... | ... | @@ -629,36 +640,43 @@ class TorDomainIsolatorImpl { |
| 629 | 640 | function getDomainForBrowser(browser) {
|
| 630 | 641 | let fpd = browser.contentPrincipal.originAttributes.firstPartyDomain;
|
| 631 | 642 | |
| 632 | - // Bug 31562: For neterror or certerror, get the original URL from
|
|
| 633 | - // browser.currentURI and use it to calculate the firstPartyDomain.
|
|
| 634 | - const knownErrors = [
|
|
| 635 | - "about:neterror",
|
|
| 636 | - "about:certerror",
|
|
| 637 | - "about:httpsonlyerror",
|
|
| 638 | - ];
|
|
| 639 | 643 | const { documentURI } = browser;
|
| 640 | - if (
|
|
| 641 | - documentURI &&
|
|
| 642 | - documentURI.schemeIs("about") &&
|
|
| 643 | - knownErrors.some(x => documentURI.spec.startsWith(x))
|
|
| 644 | - ) {
|
|
| 645 | - const knownSchemes = ["http", "https"];
|
|
| 646 | - const currentURI = browser.currentURI;
|
|
| 647 | - if (currentURI && knownSchemes.some(x => currentURI.schemeIs(x))) {
|
|
| 644 | + if (documentURI && documentURI.schemeIs("about")) {
|
|
| 645 | + // Bug 31562: For neterror or certerror, get the original URL from
|
|
| 646 | + // browser.currentURI and use it to calculate the firstPartyDomain.
|
|
| 647 | + const knownErrors = [
|
|
| 648 | + "about:neterror",
|
|
| 649 | + "about:certerror",
|
|
| 650 | + "about:httpsonlyerror",
|
|
| 651 | + ];
|
|
| 652 | + if (knownErrors.some(x => documentURI.spec.startsWith(x))) {
|
|
| 653 | + const knownSchemes = ["http", "https"];
|
|
| 654 | + const currentURI = browser.currentURI;
|
|
| 655 | + if (currentURI && knownSchemes.some(x => currentURI.schemeIs(x))) {
|
|
| 656 | + try {
|
|
| 657 | + fpd = Services.eTLD.getBaseDomainFromHost(currentURI.host);
|
|
| 658 | + } catch (e) {
|
|
| 659 | + if (
|
|
| 660 | + e.result === Cr.NS_ERROR_HOST_IS_IP_ADDRESS ||
|
|
| 661 | + e.result === Cr.NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS
|
|
| 662 | + ) {
|
|
| 663 | + fpd = currentURI.host;
|
|
| 664 | + } else {
|
|
| 665 | + logger.error(
|
|
| 666 | + `Failed to get first party domain for host ${currentURI.host}`,
|
|
| 667 | + e
|
|
| 668 | + );
|
|
| 669 | + }
|
|
| 670 | + }
|
|
| 671 | + }
|
|
| 672 | + } else if (documentURI.spec.startsWith("about:reader")) {
|
|
| 648 | 673 | try {
|
| 649 | - fpd = Services.eTLD.getBaseDomainFromHost(currentURI.host);
|
|
| 650 | - } catch (e) {
|
|
| 651 | - if (
|
|
| 652 | - e.result === Cr.NS_ERROR_HOST_IS_IP_ADDRESS ||
|
|
| 653 | - e.result === Cr.NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS
|
|
| 654 | - ) {
|
|
| 655 | - fpd = currentURI.host;
|
|
| 656 | - } else {
|
|
| 657 | - logger.error(
|
|
| 658 | - `Failed to get first party domain for host ${currentURI.host}`,
|
|
| 659 | - e
|
|
| 660 | - );
|
|
| 674 | + const searchParams = new URLSearchParams(documentURI.query);
|
|
| 675 | + if (searchParams.has("url")) {
|
|
| 676 | + fpd = Services.eTLD.getSchemelessSite(Services.io.newURI(searchParams.get("url")));
|
|
| 661 | 677 | }
|
| 678 | + } catch (e) {
|
|
| 679 | + logger.error("Failed to get first party domain for about:reader", e);
|
|
| 662 | 680 | }
|
| 663 | 681 | }
|
| 664 | 682 | }
|