[Tor] Treat .onion sites whose protocol is HTTP as if it was HTTPS.

2019-10-27 21:33:21 +00:00 · 2019-10-27 21:33:21 +00:00 · ad5f6b1786
parent b1733d4392
commit ad5f6b1786
3 changed files with 12 additions and 3 deletions
--- a/src/bg/Settings.js
+++ b/src/bg/Settings.js
@ -92,6 +92,8 @@ var Settings = {
      // Tor Browser-specific settings
      ns.defaults.local.isTorBrowser = true; // prevents reset from forgetting
      ns.defaults.sync.cascadeRestrictions = true; // we want this to be the default even on reset
+      Sites.onionSecure = true;
+
      if (!this.gotTorBrowserInit) {
        // First initialization message from the Tor Browser
        this.gotTorBrowserInit = true;
--- a/src/common/Policy.js
+++ b/src/common/Policy.js
@ -65,6 +65,9 @@ var {Permissions, Policy, Sites} = (() => {
        }
      }
      if (url) {
+        if (Sites.onionSecure && url.protocol === "http:" && url.hostname.endsWith(".onion")) {
+          url.protocol = "https:";
+        }
        let path = url.pathname;
        siteKey = url.origin;
        if (siteKey === "null") {
--- a/src/ui/ui.js
+++ b/src/ui/ui.js
@ -38,11 +38,15 @@ var UI = (() => {
            UI.xssUserChoices = m.xssUserChoices;
            UI.local = m.local;
            UI.sync = m.sync;
-            if (UI.local && !UI.local.debug) {
+
+            if (UI.local) {
+              if (!UI.local.debug) {
                debug = () => {}; // be quiet!
              }
-            if (UI.local) {
              document.documentElement.classList.toggle("tor", !!UI.local.isTorBrowser);
+              if (UI.local.isTorBrowser) {
+                Sites.onionSecure = true;
+              }
            }
            resolve();
            if (UI.onSettings) UI.onSettings();