[tbb-commits] [tor-browser/tor-browser-68.7.0esr-9.5-1] fixup! Bug 23247: Communicating security expectations for .onion

boklm at torproject.org boklm at torproject.org
Wed Apr 15 22:41:22 UTC 2020


commit dcae22191c42bdb1948a6e55c7c50e0ab97dbf70
Author: Alex Catarineu <acat at torproject.org>
Date:   Wed Mar 25 18:33:57 2020 +0100

    fixup! Bug 23247: Communicating security expectations for .onion
---
 dom/security/nsMixedContentBlocker.cpp | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/dom/security/nsMixedContentBlocker.cpp b/dom/security/nsMixedContentBlocker.cpp
index cf060b67d68f..2bbc2e8aecb3 100644
--- a/dom/security/nsMixedContentBlocker.cpp
+++ b/dom/security/nsMixedContentBlocker.cpp
@@ -794,6 +794,11 @@ nsresult nsMixedContentBlocker::ShouldLoad(
     return NS_OK;
   }
 
+  if (isHttpScheme && IsPotentiallyTrustworthyOrigin(innerContentLocation)) {
+    *aDecision = ACCEPT;
+    return NS_OK;
+  }
+
   // The page might have set the CSP directive 'upgrade-insecure-requests'. In
   // such a case allow the http: load to succeed with the promise that the
   // channel will get upgraded to https before fetching any data from the



More information about the tbb-commits mailing list