GitLab

at 2025-08-21T14:45:59+02:00

fixup! BB 40926: Implemented the New Identity feature

fixup! TB 8324: Prevent DNS proxy bypasses caused by Drag&Drop

fixup! TB 27476: Implement about:torconnect captive portal within Tor Browser

fixup! TB 7494: Create local home page for TBB.

fixup! TB 23247: Communicating security expectations for .onion

fixup! TB 21952: Implement Onion-Location

fixup! TB 40458: Implement .tor.onion aliases

       (Ci.nsIWebProgressListener.STATE_LOADED_MIXED_ACTIVE_CONTENT |

         Ci.nsIWebProgressListener.STATE_LOADED_MIXED_DISPLAY_CONTENT);

     var isEV = ui.state & Ci.nsIWebProgressListener.STATE_IDENTITY_EV_TOPLEVEL;

-    let uriInformation = new URL(gDocInfo.documentURIObject.spec);

+    let uriInformation = URL.parse(gDocInfo.documentURIObject.spec);

     // If the Onion site could not be loaded, the view-source will be also be

     // about:neterror.

-    if (uriInformation.protocol == "view-source:") {

-      uriInformation = new URL(uriInformation.pathname);

+    if (uriInformation?.protocol == "view-source:") {

+      uriInformation = URL.parse(uriInformation.pathname);

     }

     const isOnion =

-      ["http:", "https:"].includes(uriInformation.protocol) &&

-      uriInformation.hostname.endsWith(".onion");

+      ["http:", "https:"].includes(uriInformation?.protocol) &&

+      uriInformation?.hostname.endsWith(".onion");

     let retval = {

       cAName: "",

    */

   init() {

     document.getElementById("survey-launch").addEventListener("click", () => {

-      if (!this._localeData) {

+      const url = URL.parse(this._urlBase);

+      if (!url || !this._localeData) {

         return;

       }

-      const url = new URL(this._urlBase);

+

       url.searchParams.append("lang", this._localeData.urlCode);

       open(url.href);

     });

             tbl.onLocationChange = (...args) => {

               tbl.onLocationChange = onLocationChange;

               tbl.onLocationChange(...args);

-              let displayAddress;

-              try {

-                const url = new URL(homeURL);

-                displayAddress = url.hostname;

-                if (!displayAddress) {

-                  // no host, use full address and truncate if too long

-                  const MAX_LEN = 32;

-                  displayAddress = url.href;

-                  if (displayAddress.length > MAX_LEN) {

-                    displayAddress = `${displayAddress.substring(0, MAX_LEN)}…`;

-                  }

-                }

-              } catch (e) {

+              const url = URL.parse(homeURL);

+              if (!url) {

                 // malformed URL, bail out

                 return;

               }

+

+              let displayAddress = url.hostname;

+              if (!displayAddress) {

+                // no host, use full address and truncate if too long

+                const MAX_LEN = 32;

+                displayAddress = url.href;

+                if (displayAddress.length > MAX_LEN) {

+                  displayAddress = `${displayAddress.substring(0, MAX_LEN)}…`;

+                }

+              }

               const callback = () => {

                 Services.prefs.setStringPref(trustedHomePref, homeURL);

                 win.BrowserHome();

         );

         return;

       }

-      let toHostname;

-      try {

-        const toUrl = new URL(rule.rule[0].to);

-        toHostname = toUrl.hostname;

-      } catch (err) {

+      const toHostname = URL.parse(rule.rule[0].to)?.hostname;

+      if (!toHostname) {

         log.error(

-          "Cannot detect the hostname from the to rule",

-          rule.rule[0].to,

-          err

+          "Unable to parse the URL and the hostname from the to rule",

+          rule.rule[0].to

         );

+        return;

       }

+

       let fromRe;

       try {

         fromRe = new RegExp(rule.rule[0].from);

       throw Error("Name cannot be empty");

     }

+    // This will throw if the URL is invalid.

     new URL(chanData.pathPrefix);

     const scope = new RegExp(chanData.scope);

     const ch = new Channel(

       let onionLocationURI = doc.onionLocationURI;

       const refreshURI = docShell.QueryInterface(Ci.nsIRefreshURI);

       if (onionLocationURI && refreshURI) {

-        const docUrl = new URL(doc.URL);

-        let onionUrl = new URL(onionLocationURI.asciiSpec);

+        const docUrl = URL.parse(doc.URL);

+        let onionUrl = URL.parse(onionLocationURI.asciiSpec);

         // Keep consistent with Location

-        if (!onionUrl.hash && docUrl.hash) {

+        if (!onionUrl?.hash && docUrl?.hash) {

           onionUrl.hash = docUrl.hash;

-          onionLocationURI = Services.io.newURI(onionUrl.toString());

+          onionLocationURI = Services.io.newURI(onionUrl?.toString() || "");

         }

         refreshURI.refreshURI(

           onionLocationURI,

   }

   isCrossOrigin(url1, url2) {

-    return new URL(url1).origin !== new URL(url2).origin;

+    const origin1 = URL.parse(url1)?.origin;

+    const origin2 = URL.parse(url2)?.origin;

+

+    if (!origin1 || !origin2) {

+      return true;

+    }

+

+    return origin1 !== origin2;

   }

   shouldBlindCrossOrigin(uri) {

     try {

     const pathPrefix = elements.pathPrefixInput.value.trim();

     try {

-      const url = new URL(pathPrefix);

-      if (url.protocol !== "http:" && url.protocol !== "https:") {

+      const url = URL.parse(pathPrefix);

+      if (url?.protocol !== "http:" && url?.protocol !== "https:") {

         elements.pathPrefixInput.setCustomValidity(

           await document.l10n.formatValue("rulesets-details-path-input-invalid")

         );

     this.#redirected = true;

     const redirect = new URLSearchParams(

-      new URL(this.contentWindow.document.location.href).search

+      URL.parse(this.contentWindow.document.location.href)?.search

     ).get("redirect");

     // Fallback in error cases:

     let replaceURI = "about:tor";

-    try {

-      const url = new URL(

-        redirect

-          ? decodeURIComponent(redirect)

-          : // NOTE: We expect no redirect when address is entered manually, or

-            // about:torconnect is opened from preferences or urlbar.

-            // Go to the home page.

-            await this.sendQuery("torconnect:home-page")

-      );

+    const url = URL.parse(

+      redirect

+        ? decodeURIComponent(redirect)

+        : // NOTE: We expect no redirect when address is entered manually, or

+          // about:torconnect is opened from preferences or urlbar.

+          // Go to the home page.

+          await this.sendQuery("torconnect:home-page")

+    );

+

+    if (url) {

       // Do not allow javascript URI. See tor-browser#41766

       if (

         ["about:", "file:", "https:", "http:"].includes(url.protocol) ||

       } else {

         console.error(`Scheme is not allowed "${redirect}"`);

       }

-    } catch (e) {

-      console.error(`Invalid redirect URL "${redirect}"`, e);

+    } else {

+      console.error(`Invalid redirect URL "${redirect}"`);

     }

     // Replace the destination to prevent "about:torconnect" entering the

         const links = aDataTransfer.mozGetDataAt(urlType, i);

         // Skip DNS-safe URLs (no hostname, e.g. RFC 3966 tel:)

         const mayLeakDNS = links.split("\n").some(link => {

-          try {

-            return new URL(link).hostname;

-          } catch (e) {

-            return false;

-          }

+          return URL.parse(link)?.hostname ?? false;

         });

         if (!mayLeakDNS) {

           continue;

brizental pushed to branch tor-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Tor Browser

Commits:

9 changed files:

Changes: