ma1 pushed to branch tor-browser-115.2.0esr-13.0-1 at The Tor Project / Applications / Tor Browser
Commits:
-
03a24c6d
by cypherpunks1 at 2023-09-08T22:06:56+00:00
1 changed file:
Changes:
| ... | ... | @@ -1734,12 +1734,15 @@ nsresult WebSocketImpl::Init(JSContext* aCx, bool aIsSecure, |
| 1734 | 1734 | }
|
| 1735 | 1735 | |
| 1736 | 1736 | // Don't allow https:// to open ws://
|
| 1737 | - if (!mIsServerSide && !mSecure &&
|
|
| 1737 | + if (!mIsServerSide && !mSecure && aIsSecure &&
|
|
| 1738 | 1738 | !Preferences::GetBool("network.websocket.allowInsecureFromHTTPS",
|
| 1739 | 1739 | false) &&
|
| 1740 | 1740 | !nsMixedContentBlocker::IsPotentiallyTrustworthyLoopbackHost(
|
| 1741 | 1741 | mAsciiHost)) {
|
| 1742 | - if (aIsSecure) {
|
|
| 1742 | + nsCOMPtr<nsIURI> uri;
|
|
| 1743 | + nsresult rv = NS_NewURI(getter_AddRefs(uri), mURI);
|
|
| 1744 | + NS_ENSURE_SUCCESS(rv, rv);
|
|
| 1745 | + if (!nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(uri)) {
|
|
| 1743 | 1746 | return NS_ERROR_DOM_SECURITY_ERR;
|
| 1744 | 1747 | }
|
| 1745 | 1748 | }
|