Opened 10 days ago

Last modified 37 hours ago

#33726 needs_review defect

Fix patch for #23247: Communicating security expectations for .onion

Reported by: acat Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: TorBrowserTeam202004R
Cc: Actual Points:
Parent ID: Points:
Reviewer: pospeselr Sponsor:


While working on #33533 I realized that in the switch to ESR68 (#30429) the patch for #23247 was ported incorrectly. The original patch for ESR60 was 651e4ef7de3e and the mistake was introduced in revision (see comment in

My understanding is that in the original patch, the block of if (isHttpScheme && IsPotentiallyTrustworthyOnion(innerContentLocation)) { was moved from to in order to allow mixed contents in workers for the .onion case (which would get disallowed otherwise).

However, in ESR68 there's IsPotentiallyTrustworthyOrigin with includes IsPotentiallyTrustworthyOnion. So, I think this block: should not be removed, since it's not the same as the one that is added in

I think this is not a security issue, the result of this bug is that we are not allowing cases that we should (all cases of IsPotentiallyTrustworthyOrigin that are not .onion).

Child Tickets

Change History (4)

comment:1 Changed 10 days ago by acat

Keywords: TorBrowserTeam202003R added; TorBrowserTeam202003 removed
Status: newneeds_review

comment:2 Changed 9 days ago by cypherpunks

In short: you need a 100% coverage by tests for that set of patches.

comment:3 Changed 3 days ago by pili

Keywords: TorBrowserTeam202004R added; TorBrowserTeam202003R removed

We are no longer in March

comment:4 Changed 37 hours ago by sysrqb

Reviewer: pospeselr
Note: See TracTickets for help on using tickets.