Unverified Commit 75c66822 authored by Richard Pospesel's avatar Richard Pospesel Committed by Matthew Finkel
Browse files

Bug 40416: Add v2 Onion deprecation warnings 

- adds new v2 deprecated warning page (js and styling) that piggy-backs
  off of the existing added onion service errors
- updates identity-icon to onionWarning.svg when visiting a v2 onion site adds
  warning tooltip; this warning supersedes all other identity states (including
  mixed-content error)
- we determine whether to show the warning page in nsDocShell::DoURILoad()
- a new synchonous IPC method is added to ContentChild/ContentParent to determine
  if the session has loaded the warning page already; worst case scenario, each
  child process will need to wait on this method to return only once when visiting
  a v2 onion; nothing is permanently cached with regards to this change
- an exception for the new sync method is added to sync-messages.ini (generally,
  in practice adding new blocking methods is probably bad, but the minimial
  overhead and frequency this method is called is worth the simpler code)
parent 6556e2a5

browser/base/content/aboutNetError.xhtml

+3 −0
Original line number Diff line number Diff line
@@ -207,7 +207,10 @@ 
        </div>

      </div>

    </div>

<!-- The onion pattern is disabled by default unless the onionPattern.css is also included; we include onionPattern.css programmatically in the v2Deprecation error page, so the onion pattern will not be visible in all error pages -->

#include ../../themes/shared/onionPattern.inc.xhtml

  </body>

  <script src="chrome://browser/content/onionservices/netError/v2Deprecated.js"/>

  <script src="chrome://browser/content/onionservices/netError/onionNetError.js"/>

  <script src="chrome://browser/content/aboutNetError.js"/>

</html>

browser/base/content/browser-siteIdentity.js

+12 −0
Original line number Diff line number Diff line
@@ -135,6 +135,15 @@ var gIdentityHandler = { 
    return this._uriHasHost ? this._uri.host.toLowerCase().endsWith(".onion") : false;

  },



  get _uriIsDeprecatedOnionHost() {

    const hostIsV2Onion = function(host) {

      // matches on v2 onion domains with any number of subdomains

      const pattern = /^(.*\.)*[a-z2-7]{16}\.onion/i;

      return pattern.test(host);

    };



    return this._uriHasHost ? hostIsV2Onion(this._uri.host) : false;

  },

  // smart getters

  get _identityPopup() {

    delete this._identityPopup;
@@ -685,6 +694,9 @@ var gIdentityHandler = { 
        "identity.extension.label",

        [extensionName]

      );

    } else if (this._uriIsDeprecatedOnionHost) {

      this._identityBox.className = "onionServiceDeprecated";

      tooltip = TorStrings.onionServices.v2Deprecated.tooltip;

    } else if (this._uriHasHost && this._isSecureConnection && this._secInfo) {

      // This is a secure connection.

      // _isSecureConnection implicitly includes onion services, which may not have an SSL certificate

browser/base/jar.mn

+1 −1
Original line number Diff line number Diff line
@@ -22,7 +22,7 @@ browser.jar: 
        content/browser/logos/send.svg                (content/logos/send.svg)

        content/browser/logos/tracking-protection.svg (content/logos/tracking-protection.svg)

        content/browser/logos/tracking-protection-dark-theme.svg (content/logos/tracking-protection-dark-theme.svg)

        content/browser/aboutNetError.xhtml            (content/aboutNetError.xhtml)

*       content/browser/aboutNetError.xhtml            (content/aboutNetError.xhtml)

        content/browser/aboutNetError.js               (content/aboutNetError.js)

        content/browser/aboutRobots-icon.png          (content/aboutRobots-icon.png)

        content/browser/aboutFrameCrashed.html        (content/aboutFrameCrashed.html)

browser/components/onionservices/content/netError/onionNetError.js

+6 −0
Original line number Diff line number Diff line
@@ -38,6 +38,12 @@ var OnionServicesAboutNetError = { 
    const errPrefix = "onionServices.";

    const errName = err.substring(errPrefix.length);



    // tor-browser#40416 - remove this page and updated onionNetErrors with new error once v2 no longer works at all

    if (errName === "v2Deprecated") {

      V2DeprecatedAboutNetError.initPage(aDoc);

      return;

    }



    this._strings = RPMGetTorStrings();



    const stringsObj = this._strings[errName];

browser/components/onionservices/content/netError/v2Deprecated.css

0 → 100644
+25 −0
Original line number Diff line number Diff line 
%include ../../../../themes/shared/onionPattern.css



:root {

  --onion-opacity: 1;

  --onion-color: var(--card-outline-color);

  --onion-radius: 50px;

}



body {

    border: 1.5em solid #FED916;

    justify-content: space-between;

}



div.title {

    background-image: url("chrome://browser/skin/onion-warning.svg");

}



div#errorPageContainer {

    padding-top: 20vh;

    width: 66%;

}



div#learnMoreContainer {

    display: block;

}
 
 No newline at end of file