Bug 1503736 - Origin header honors network.http.referer.hideOnionSource r=ckerschb,dragana
authorJunior Hsu <juhsu@mozilla.com>
Wed, 14 Nov 2018 21:39:13 +0000
changeset 446687 5125f9c64d2753e93c29cdd9b958194b0e17db80
parent 446686 3862dac2171ec28710461663df8e86f5f5d748f9
child 446688 939a5605cccfb28c7f685d29f2b89d6e53bfaddf
push id35046
push userbtara@mozilla.com
push dateFri, 16 Nov 2018 09:46:36 +0000
reviewersckerschb, dragana
bugs1503736
milestone65.0a1
Bug 1503736 - Origin header honors network.http.referer.hideOnionSource r=ckerschb,dragana Differential Revision: https://phabricator.services.mozilla.com/D11265
netwerk/protocol/http/nsCORSListenerProxy.cpp
netwerk/protocol/http/nsHttpChannel.cpp
--- a/netwerk/protocol/http/nsCORSListenerProxy.cpp
+++ b/netwerk/protocol/http/nsCORSListenerProxy.cpp
@@ -1008,16 +1008,37 @@ nsCORSListenerProxy::UpdateChannel(nsICh
   // Add the Origin header
   nsAutoCString origin;
   rv = nsContentUtils::GetASCIIOrigin(mOriginHeaderPrincipal, origin);
   NS_ENSURE_SUCCESS(rv, rv);
 
   nsCOMPtr<nsIHttpChannel> http = do_QueryInterface(aChannel);
   NS_ENSURE_TRUE(http, NS_ERROR_FAILURE);
 
+  // hide the Origin header when requesting from .onion and requesting CORS
+  if (gHttpHandler->HideOnionReferrerSource()) {
+    nsCOMPtr<nsIURI> potentialOnionUri; // the candidate uri in header Origin:
+    rv = mOriginHeaderPrincipal->GetURI(getter_AddRefs(potentialOnionUri));
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    nsAutoCString potentialOnionHost;
+    rv = potentialOnionUri ? potentialOnionUri->GetAsciiHost(potentialOnionHost)
+                           : NS_ERROR_FAILURE;
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    nsAutoCString currentOrgin;
+    rv = nsContentUtils::GetASCIIOrigin(originalURI, currentOrgin);
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    if (!currentOrgin.EqualsIgnoreCase(origin.get()) &&
+        StringEndsWith(potentialOnionHost, NS_LITERAL_CSTRING(".onion"))) {
+      origin.Truncate();
+    }
+  }
+
   rv = http->SetRequestHeader(nsDependentCString(net::nsHttp::Origin), origin, false);
   NS_ENSURE_SUCCESS(rv, rv);
 
   // Make cookie-less if needed. We don't need to do anything here if the
   // channel was opened with AsyncOpen2, since then AsyncOpen2 will take
   // care of the cookie policy for us.
   if (!mWithCredentials &&
       (!loadInfo || !loadInfo->GetEnforceSecurity())) {
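Review bot: Inside the new `HideOnionReferrerSource()` block, the three `NS_ENSURE_SUCCESS(rv, rv)` calls make UpdateChannel return an error whenever `mOriginHeaderPrincipal` yields no URI or `GetAsciiHost` fails, so with the pref on such a CORS request is aborted instead of being sent with its normal Origin. The nsHttpChannel::SetOriginHeader hunk in this same commit treats the same failures as "not an onion host" and carries on. If aborting is not intended, guard the check the same way, e.g. `if (potentialOnionUri && NS_SUCCEEDED(potentialOnionUri->GetAsciiHost(potentialOnionHost)) && StringEndsWith(potentialOnionHost, NS_LITERAL_CSTRING(".onion")))`, and compute `currentOrgin` only inside it; if it is intended, a comment saying the request fails closed would help. `currentOrgin` is also a typo for `currentOrigin`, and `originalURI` is declared outside the hunk.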
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@@ -9437,24 +9437,37 @@ nsHttpChannel::SetOriginHeader()
     nsCOMPtr<nsIURI> referrer;
     mLoadInfo->TriggeringPrincipal()->GetURI(getter_AddRefs(referrer));
 
     nsAutoCString origin("null");
     if (referrer && IsReferrerSchemeAllowed(referrer)) {
         nsContentUtils::GetASCIIOrigin(referrer, origin);
     }
 
-    // Restrict Origin to same-origin loads if requested by user
+    // Restrict Origin to same-origin loads if requested by user or leaving from
+    // .onion
     if (sSendOriginHeader == 1) {
         nsAutoCString currentOrigin;
         nsContentUtils::GetASCIIOrigin(mURI, currentOrigin);
         if (!origin.EqualsIgnoreCase(currentOrigin.get())) {
             // Origin header suppressed by user setting
             return;
         }
+    } else if (gHttpHandler->HideOnionReferrerSource()) {
+        nsAutoCString host;
+        if (referrer &&
+            NS_SUCCEEDED(referrer->GetAsciiHost(host)) &&
+            StringEndsWith(host, NS_LITERAL_CSTRING(".onion"))) {
+            nsAutoCString currentOrigin;
+            nsContentUtils::GetASCIIOrigin(mURI, currentOrigin);
+            if (!origin.EqualsIgnoreCase(currentOrigin.get())) {
+                // Origin header is suppressed by .onion
+                return;
+            }
+        }
     }
 
     rv = mRequestHead.SetHeader(nsHttp::Origin, origin, false /* merge */);
     MOZ_ASSERT(NS_SUCCEEDED(rv));
 }
 
 void
 nsHttpChannel::SetDoNotTrack()
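Review bot: The `.onion` test in the new `else if` branch is a second hand-written copy of the one added to nsCORSListenerProxy::UpdateChannel, and both compare the literal suffix `.onion` against `GetAsciiHost` output. If a host can reach either path in fully qualified form with a trailing dot, the suffix would not match and the onion origin would still be sent cross-origin; that depends on URL normalisation not visible here, so it is worth confirming. A single shared helper for the onion-host check, used by both call sites, would keep the two paths from drifting. The commit's file list shows only the two .cpp files, so a test covering an onion page making a cross-origin request with the pref on and off would pin the behaviour. SetOriginHeader starts above the hunk.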