This is an automated email from the git hooks/post-receive script.

richard pushed a commit to branch tor-browser-102.3.0esr-12.0-2 in repository tor-browser.

The following commit(s) were added to refs/heads/tor-browser-102.3.0esr-12.0-2 by this push: new caa5988884a3 fixup! Bug 30237: Add v3 onion services client authentication prompt caa5988884a3 is described below

commit caa5988884a3dc6e60047ad246abd56d84fa11ad Author: hackademix giorgio@maone.net AuthorDate: Wed Oct 12 19:17:53 2022 +0200

fixup! Bug 30237: Add v3 onion services client authentication prompt --- .../components/onionservices/content/authPrompt.js | 18 +++++++++++------- browser/components/onionservices/content/authUtil.jsm | 19 ------------------- browser/components/sessionstore/SessionStore.jsm | 5 ----- browser/themes/shared/aboutNetError.css | 7 +++++++ docshell/base/nsDocShell.cpp | 6 ++++-- 5 files changed, 22 insertions(+), 33 deletions(-)

diff --git a/browser/components/onionservices/content/authPrompt.js b/browser/components/onionservices/content/authPrompt.js index 14fb334a6206..ba40e9fd464c 100644 --- a/browser/components/onionservices/content/authPrompt.js +++ b/browser/components/onionservices/content/authPrompt.js @@ -225,13 +225,17 @@ const OnionAuthPrompt = (function() {

_onCancel() { // Arrange for an error page to be displayed. - this._browser.messageManager.sendAsyncMessage( - OnionAuthUtil.message.authPromptCanceled, - { - failedURI: this._failedURI.spec, - reasonForPrompt: this._reasonForPrompt, - } - ); + const failedURI = this._failedURI.spec; + const errorCode = + this._reasonForPrompt === OnionAuthUtil.topic.clientAuthMissing + ? Cr.NS_ERROR_TOR_ONION_SVC_MISSING_CLIENT_AUTH + : Cr.NS_ERROR_TOR_ONION_SVC_BAD_CLIENT_AUTH; + + const io = `ChromeUtils.import("resource://gre/modules/Services.jsm").Services.io`; + this._browser.messageManager.loadFrameScript(`data:,${encodeURIComponent( + `docShell.displayLoadError(${errorCode}, ${io}.newURI(${JSON.stringify(failedURI)}), undefined, undefined);` + )}`, + false); },

_getKeyElement() { diff --git a/browser/components/onionservices/content/authUtil.jsm b/browser/components/onionservices/content/authUtil.jsm index 82a835359b3e..7157acf2e11d 100644 --- a/browser/components/onionservices/content/authUtil.jsm +++ b/browser/components/onionservices/content/authUtil.jsm @@ -24,23 +24,4 @@ const OnionAuthUtil = { warningElement: "tor-clientauth-warning", checkboxElement: "tor-clientauth-persistkey-checkbox", }, - - addCancelMessageListener(aMessageManager, aDocShell) { - aMessageManager.addMessageListener(this.message.authPromptCanceled, { - receiveMessage(aMessage) { - // Upon cancellation of the client authentication prompt, display - // the appropriate error page. When calling the docShell - // displayLoadError() function, we pass undefined for the failed - // channel so that displayLoadError() can determine that it should - // not display the client authentication prompt a second time. - const failedURI = Services.io.newURI(aMessage.data.failedURI); - const reasonForPrompt = aMessage.data.reasonForPrompt; - const errorCode = - reasonForPrompt === this.topic.clientAuthMissing - ? Cr.NS_ERROR_TOR_ONION_SVC_MISSING_CLIENT_AUTH - : Cr.NS_ERROR_TOR_ONION_SVC_BAD_CLIENT_AUTH; - aDocShell.displayLoadError(errorCode, failedURI, undefined, undefined); - }, - }); - }, }; diff --git a/browser/components/sessionstore/SessionStore.jsm b/browser/components/sessionstore/SessionStore.jsm index 58c5a4fed6ca..4611737ca918 100644 --- a/browser/components/sessionstore/SessionStore.jsm +++ b/browser/components/sessionstore/SessionStore.jsm @@ -234,10 +234,6 @@ ChromeUtils.defineModuleGetter( "resource://gre/modules/sessionstore/SessionHistory.jsm" );

-const { OnionAuthUtil } = ChromeUtils.import( - "chrome://browser/content/onionservices/authUtil.jsm" -); - XPCOMUtils.defineLazyServiceGetters(this, { gScreenManager: ["@mozilla.org/gfx/screenmanager;1", "nsIScreenManager"], }); @@ -1514,7 +1510,6 @@ var SessionStoreInternal = { let listenWhenClosed = CLOSED_MESSAGES.has(msg); mm.addMessageListener(msg, this, listenWhenClosed); }); - OnionAuthUtil.addCancelMessageListener(mm, aWindow.docShell);

// Load the frame script after registering listeners. if (!Services.appinfo.sessionHistoryInParent) { diff --git a/browser/themes/shared/aboutNetError.css b/browser/themes/shared/aboutNetError.css index 73f9d2760a15..438cc5782291 100644 --- a/browser/themes/shared/aboutNetError.css +++ b/browser/themes/shared/aboutNetError.css @@ -8,6 +8,13 @@ body { --warning-color: #ffa436; }

+body.onionAuthPrompt { + background: white; +} +.onionAuthPrompt > * { + display: none; +} + @media (prefers-color-scheme: dark) { body { --warning-color: #ffbd4f; diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 95c68c34fd7f..22577e45643a 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -3902,8 +3902,10 @@ nsDocShell::DisplayLoadError(nsresult aError, nsIURI* aURI, // if the user cancels the Tor client auth prompt, but in that case we // will not have a failed channel and therefore we will not prompt again. if (isOnionAuthError && aFailedChannel) { - // Display about:blank while the Tor client auth prompt is open. - errorPage.AssignLiteral("blank"); + // Display about:neterror with a style emulating about:blank while the + // Tor client auth prompt is open. Do not use about:blank directly: it + // will mess with the failed channel information persistence! + cssClass.AssignLiteral("onionAuthPrompt"); } }