ma1 pushed to branch tor-browser-115.0esrbase-13.0-1 at The Tor Project / Applications / Tor Browser
Commits: 82c31751 by cypherpunks1 at 2023-07-12T16:18:15-08:00 fixup! Bug 23247: Communicating security expectations for .onion
Bug 41399: Enable brotli encoding for http onions
- - - - -
1 changed file:
- netwerk/protocol/http/HttpBaseChannel.cpp
Changes:
===================================== netwerk/protocol/http/HttpBaseChannel.cpp ===================================== @@ -340,6 +340,7 @@ void HttpBaseChannel::AddClassificationFlags(uint32_t aClassificationFlags,
static bool isSecureOrTrustworthyURL(nsIURI* aURI) { return aURI->SchemeIs("https") || + nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(aURI) || (StaticPrefs::network_http_encoding_trustworthy_is_https() && nsMixedContentBlocker::IsPotentiallyTrustworthyLoopbackURL(aURI)); } @@ -366,7 +367,6 @@ nsresult HttpBaseChannel::Init(nsIURI* aURI, uint32_t aCaps, // Construct connection info object nsAutoCString host; int32_t port = -1; - bool isHTTPS = isSecureOrTrustworthyURL(mURI);
nsresult rv = mURI->GetAsciiHost(host); if (NS_FAILED(rv)) return rv; @@ -395,7 +395,7 @@ nsresult HttpBaseChannel::Init(nsIURI* aURI, uint32_t aCaps, if (NS_FAILED(rv)) return rv;
rv = gHttpHandler->AddStandardRequestHeaders( - &mRequestHead, isHTTPS, aContentPolicyType, + &mRequestHead, isSecureOrTrustworthyURL(mURI), aContentPolicyType, nsContentUtils::ShouldResistFingerprinting(this)); if (NS_FAILED(rv)) return rv;
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/82c31751...