ma1 pushed to branch tor-browser-102.11.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
Commits: dbec6cf6 by cypherpunks1 at 2023-05-24T09:21:07-08:00 fixup! Bug 23247: Communicating security expectations for .onion
Bug 41785: Show http onion resources as secure in network monitor
- - - - -
1 changed file:
- devtools/shared/webconsole/network-helper.js
Changes:
===================================== devtools/shared/webconsole/network-helper.js ===================================== @@ -600,6 +600,9 @@ var NetworkHelper = {
// The request did not contain any security info. if (!securityInfo) { + if (httpActivity.hostname && httpActivity.hostname.endsWith(".onion")) { + info.state = "secure"; + } return info; }
@@ -651,7 +654,11 @@ var NetworkHelper = { // schemes other than https and wss are subject to // downgrade/etc at the scheme level and should always be // considered insecure - info.state = "insecure"; + if (httpActivity.hostname && httpActivity.hostname.endsWith(".onion")) { + info.state = "secure"; + } else { + info.state = "insecure"; + } } else if (state & wpl.STATE_IS_SECURE) { // The connection is secure if the scheme is sufficient info.state = "secure";
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/dbec6cf6...