[tor-commits] [tor-browser/tor-browser-52.8.0esr-7.5-1] Bug 23439: Exempt .onion domains from mixed content warnings

Wed May 2 07:06:13 UTC 2018

commit e52a50f2099501efd4e2892a702a1a3730439426
Author: Georg Koppen <gk at torproject.org>
Date:   Wed Mar 21 08:21:01 2018 +0000

    Bug 23439: Exempt .onion domains from mixed content warnings
    
    Tests
---
 browser/base/content/test/general/browser.ini      |  4 +++
 .../test/general/browser_no_mcb_for_onions.js      | 39 ++++++++++++++++++++++
 .../test/general/test_no_mcb_for_onions.html       | 28 ++++++++++++++++
 3 files changed, 71 insertions(+)

diff --git a/browser/base/content/test/general/browser.ini b/browser/base/content/test/general/browser.ini
index 96e591ffea7b..321e444c2cde 100644
--- a/browser/base/content/test/general/browser.ini
+++ b/browser/base/content/test/general/browser.ini
@@ -492,3 +492,7 @@ tags = mcb
 [browser_newwindow_focus.js]
 skip-if = (os == "linux" && !e10s) # Bug 1263254 - Perma fails on Linux without e10s for some reason.
 [browser_bug1299667.js]
+[browser_no_mcb_for_onions.js]
+tags = mcb
+support-files =
+  test_no_mcb_for_onions.html
diff --git a/browser/base/content/test/general/browser_no_mcb_for_onions.js b/browser/base/content/test/general/browser_no_mcb_for_onions.js
new file mode 100644
index 000000000000..8023b78276f3
--- /dev/null
+++ b/browser/base/content/test/general/browser_no_mcb_for_onions.js
@@ -0,0 +1,39 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+// The test loads a HTTPS web page with active content from HTTP .onion URLs
+// and makes sure that the mixed content flags on the docshell are not set.
+//
+// Note that the URLs referenced within the test page intentionally use the
+// unassigned port 8 because we don't want to actually load anything, we just
+// want to check that the URLs are not blocked.
+
+const TEST_URL = getRootDirectory(gTestPath).replace("chrome://mochitests/content", "https://example.com") + "test_no_mcb_for_onions.html";
+
+const PREF_BLOCK_DISPLAY = "security.mixed_content.block_display_content";
+const PREF_BLOCK_ACTIVE = "security.mixed_content.block_active_content";
+const PREF_ONION_WHITELIST = "dom.securecontext.whitelist_onions";
+
+add_task(async function allowOnionMixedContent() {
+  registerCleanupFunction(function() {
+    gBrowser.removeCurrentTab();
+  });
+
+  await SpecialPowers.pushPrefEnv({set: [[PREF_BLOCK_DISPLAY, true]]});
+  await SpecialPowers.pushPrefEnv({set: [[PREF_BLOCK_ACTIVE, true]]});
+  await SpecialPowers.pushPrefEnv({set: [[PREF_ONION_WHITELIST, true]]});
+
+  const tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
+  const browser = gBrowser.getBrowserForTab(tab);
+
+  await ContentTask.spawn(browser, null, function() {
+    is(docShell.hasMixedDisplayContentBlocked, false, "hasMixedDisplayContentBlocked not set");
+    is(docShell.hasMixedActiveContentBlocked, false, "hasMixedActiveContentBlocked not set");
+  });
+
+  await assertMixedContentBlockingState(browser, {
+    activeBlocked: false,
+    activeLoaded: false,
+    passiveLoaded: false,
+ });
+});
diff --git a/browser/base/content/test/general/test_no_mcb_for_onions.html b/browser/base/content/test/general/test_no_mcb_for_onions.html
new file mode 100644
index 000000000000..9715d526bf87
--- /dev/null
+++ b/browser/base/content/test/general/test_no_mcb_for_onions.html
@@ -0,0 +1,28 @@
+<!-- See browser_no_mcb_for_onions.js -->
+<!DOCTYPE HTML>
+<html>
+  <head>
+    <meta charset="utf8">
+    <title>Bug 1382359</title>
+  </head>
+
+  <style>
+    @font-face {
+      src: url("http://123456789abcdef.onion:8/test.ttf");
+    }
+  </style>
+
+  <body>
+    <img src="http://123456789abcdef.onion:8/test.png">
+
+    <iframe src="http://123456789abcdef.onion:8/test.html"></iframe>
+  </body>
+
+  <script src="http://123456789abcdef.onion:8/test.js"></script>
+
+  <link href="http://123456789abcdef.onion:8/test.css" rel="stylesheet"></link>
+
+  <script>
+    fetch("http://123456789abcdef.onion:8");
+  </script>
+</html>

