Pier Angelo Vendrame pushed to branch tor-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: a285b441 by Pier Angelo Vendrame at 2025-09-23T19:45:32+02:00 fixup! TB 3455: Add DomainIsolator, for isolating circuit by domain. Improve DomainIsolator logs and fix a linter warning. - - - - - 771d640c by Pier Angelo Vendrame at 2025-09-23T19:46:39+02:00 BB 19741: Fix FPI with OpenSearch. - - - - - 5 changed files: - browser/components/search/SearchUIUtils.sys.mjs - toolkit/components/search/OpenSearchLoader.sys.mjs - toolkit/components/search/SearchService.sys.mjs - toolkit/components/search/nsISearchService.idl - toolkit/components/tor-launcher/TorDomainIsolator.sys.mjs Changes: ===================================== browser/components/search/SearchUIUtils.sys.mjs ===================================== @@ -181,7 +181,11 @@ export var SearchUIUtils = { */ async addOpenSearchEngine(locationURL, image, browsingContext) { try { - await Services.search.addOpenSearchEngine(locationURL, image); + await Services.search.addOpenSearchEngine( + locationURL, + image, + browsingContext?.originAttributes + ); } catch (ex) { let titleMsgName; let descMsgName; ===================================== toolkit/components/search/OpenSearchLoader.sys.mjs ===================================== @@ -97,10 +97,17 @@ const MOZSEARCH_LOCALNAME = "SearchPlugin"; * The uri from which to load the OpenSearch engine data. * @param {string} [lastModified] * The UTC date when the engine was last updated, if any. + * @param {object} [originAttributes] + * The first party domain of the site loading that manifest. The domain of the + * manifest will be used if not provided. * @returns {Promise<OpenSearchProperties>} * The properties of the loaded OpenSearch engine. */ -export async function loadAndParseOpenSearchEngine(sourceURI, lastModified) { +export async function loadAndParseOpenSearchEngine( + sourceURI, + lastModified, + originAttributes +) { if (!sourceURI) { throw Components.Exception( "Must have URI when calling _install!", @@ -116,7 +123,7 @@ export async function loadAndParseOpenSearchEngine(sourceURI, lastModified) { lazy.logConsole.debug("Downloading OpenSearch engine from:", sourceURI.spec); - let xmlData = await loadEngineXML(sourceURI, lastModified); + let xmlData = await loadEngineXML(sourceURI, lastModified, originAttributes); let xmlDocument = await parseXML(xmlData); lazy.logConsole.debug("Loading search plugin"); @@ -147,11 +154,13 @@ export async function loadAndParseOpenSearchEngine(sourceURI, lastModified) { * The uri from which to load the OpenSearch engine data. * @param {string} [lastModified] * The UTC date when the engine was last updated, if any. + * @param {object} [originAttributes] + * The origin attributes to use to load the manifest. * @returns {Promise} * A promise that is resolved with the data if the engine is successfully loaded * and rejected otherwise. */ -function loadEngineXML(sourceURI, lastModified) { +function loadEngineXML(sourceURI, lastModified, originAttributes = null) { var chan = lazy.SearchUtils.makeChannel( sourceURI, // OpenSearchEngine is loading a definition file for a search engine, @@ -164,6 +173,17 @@ function loadEngineXML(sourceURI, lastModified) { ? Ci.nsILoadInfo.ALREADY_HTTPS : Ci.nsILoadInfo.NO_UPGRADE; + if (!originAttributes) { + originAttributes = {}; + try { + originAttributes.firstPartyDomain = + Services.eTLD.getSchemelessSite(sourceURI); + } catch (ex) { + console.error("Failed to get first party domain for the manifest", ex); + } + } + chan.loadInfo.originAttributes = originAttributes; + if (lastModified && chan instanceof Ci.nsIHttpChannel) { chan.setRequestHeader("If-Modified-Since", lastModified, false); } ===================================== toolkit/components/search/SearchService.sys.mjs ===================================== @@ -762,13 +762,15 @@ export class SearchService { }); } - async addOpenSearchEngine(engineURL, iconURL) { + async addOpenSearchEngine(engineURL, iconURL, originAttributes) { lazy.logConsole.debug("addOpenSearchEngine: Adding", engineURL); await this.init(); let engine; try { let engineData = await lazy.loadAndParseOpenSearchEngine( - Services.io.newURI(engineURL) + Services.io.newURI(engineURL), + null, + originAttributes ); engine = new lazy.OpenSearchEngine({ engineData, faviconURL: iconURL }); } catch (ex) { ===================================== toolkit/components/search/nsISearchService.idl ===================================== @@ -340,10 +340,14 @@ interface nsISearchService : nsISupports * icon. This value may be overridden by an icon specified in the * engine description file. * + * @param originAttributes [optional] + The origin attributes to use to load this manifest. + * * @throws NS_ERROR_FAILURE if the description file cannot be successfully * loaded. */ - Promise addOpenSearchEngine(in AString engineURL, in AString iconURL); + Promise addOpenSearchEngine(in AString engineURL, in AString iconURL, + [optional] in jsval originAttributes); /** * Adds a new search engine defined by the user. ===================================== toolkit/components/tor-launcher/TorDomainIsolator.sys.mjs ===================================== @@ -500,7 +500,13 @@ class TorDomainIsolatorImpl { const browsers = channel.loadInfo.browsingContext?.topChromeWindow?.gBrowser?.browsers; if (!browsers || !channel.loadInfo.browsingContext?.browserId) { - logger.debug("Missing data to associate to a browser", channel.loadInfo); + if (channel instanceof Ci.nsIHttpChannel) { + logger.debug( + "Missing data to associate to a browser", + channel.loadInfo.loadingPrincipal?.URI?.spec, + channel.loadInfo + ); + } return null; } for (const browser of browsers) { @@ -593,7 +599,7 @@ class TorDomainIsolatorImpl { // Should we modify the lower layer to send a circuit identifier, instead? if ( circuit.length === data.length && - circuit.every((id, index) => id === data[index].fingerprint) + circuit.every((fp, index) => fp === data[index].fingerprint) ) { return; } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3a71327... -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3a71327... You're receiving this email because of your account on gitlab.torproject.org.