[tor-commits] [tor-browser] branch tor-browser-91.11.0esr-12.0-1 updated: Bug 41050: HTTPS-Only Mode Alert's "Continue to HTTP Site" button doesn't work on IP addresses

gitolite role git at cupani.torproject.org
Tue Jul 19 18:14:24 UTC 2022 

This is an automated email from the git hooks/post-receive script.

richard pushed a commit to branch tor-browser-91.11.0esr-12.0-1
in repository tor-browser.

The following commit(s) were added to refs/heads/tor-browser-91.11.0esr-12.0-1 by this push:
     new c1066fbb756be Bug 41050: HTTPS-Only Mode Alert's "Continue to HTTP Site" button doesn't work on IP addresses
c1066fbb756be is described below

commit c1066fbb756be8096dfed2cc902b97e6a40fc65d
Author: Pier Angelo Vendrame <pierov at torproject.org>
AuthorDate: Mon Jul 18 18:56:13 2022 +0200

    Bug 41050: HTTPS-Only Mode Alert's "Continue to HTTP Site" button doesn't work on IP addresses
    
    This bug has already been fixed upstream, so we should drop this patch
    when we update to 102.
    See also https://bugzilla.mozilla.org/show_bug.cgi?id=1697866.
---
 toolkit/actors/AboutHttpsOnlyErrorParent.jsm | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/toolkit/actors/AboutHttpsOnlyErrorParent.jsm b/toolkit/actors/AboutHttpsOnlyErrorParent.jsm
index 407e014ff6574..5b6bc94ab88ff 100644
--- a/toolkit/actors/AboutHttpsOnlyErrorParent.jsm
+++ b/toolkit/actors/AboutHttpsOnlyErrorParent.jsm
@@ -87,6 +87,19 @@ class AboutHttpsOnlyErrorParent extends JSWindowActorParent {
     const oldOriginAttributes = aBrowser.contentPrincipal.originAttributes;
     const hasFpiAttribute = !!oldOriginAttributes.firstPartyDomain.length;
 
+    let firstPartyDomain = "";
+    if (hasFpiAttribute) {
+      // This try-catch to check whether a host is an IP address is used also in
+      // other parts of Firefox
+      try {
+        firstPartyDomain = Services.eTLD.getBaseDomain(newURI);
+      } catch (e) {
+        if (e.result == Cr.NS_ERROR_HOST_IS_IP_ADDRESS) {
+          firstPartyDomain = newURI.host;
+        }
+      }
+    }
+
     // Create new content principal for the permission. If first-party isolation
     // is enabled, we have to replace the about-page first-party domain with the
     // one from the exempt website.
@@ -94,9 +107,7 @@ class AboutHttpsOnlyErrorParent extends JSWindowActorParent {
       newURI,
       {
         ...oldOriginAttributes,
-        firstPartyDomain: hasFpiAttribute
-          ? Services.eTLD.getBaseDomain(newURI)
-          : "",
+        firstPartyDomain,
       }
     );
 

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.

More information about the tor-commits mailing list