Merge pull request #8040 from brave/block-onion-request

Block .onion requests in non-Tor window
brave · Feb 23, 2021 · f3e532e · f3e532e
2 parents 0fd7a83 + d9ef154
commit f3e532e
Show file tree

Hide file tree

Showing 3 changed files with 46 additions and 8 deletions.
diff --git a/browser/tor/onion_location_navigation_throttle_browsertest.cc b/browser/tor/onion_location_navigation_throttle_browsertest.cc
@@ -20,6 +20,7 @@
 #include "components/prefs/pref_service.h"
 #include "content/public/browser/notification_service.h"
 #include "content/public/test/browser_test.h"
+#include "content/public/test/test_navigation_observer.h"
 #include "net/test/embedded_test_server/http_request.h"
 #include "net/test/embedded_test_server/http_response.h"
 
@@ -113,6 +114,28 @@ IN_PROC_BROWSER_TEST_F(OnionLocationNavigationThrottleBrowserTest,
   EXPECT_TRUE(helper->onion_location().is_empty());
 }
 
+IN_PROC_BROWSER_TEST_F(OnionLocationNavigationThrottleBrowserTest,
+                       OnionDomain) {
+  content::WebContents* web_contents =
+      browser()->tab_strip_model()->GetActiveWebContents();
+  content::TestNavigationObserver nav_observer(web_contents);
+  ui_test_utils::NavigateToURL(browser(), GURL(kTestOnionURL));
+  nav_observer.Wait();
+  // Original request was blocked
+  EXPECT_EQ(nav_observer.last_net_error_code(), net::ERR_BLOCKED_BY_CLIENT);
+  tor::OnionLocationTabHelper* helper =
+      tor::OnionLocationTabHelper::FromWebContents(web_contents);
+  EXPECT_TRUE(helper->should_show_icon());
+  EXPECT_EQ(helper->onion_location(), GURL(kTestOnionURL));
+  CheckOnionLocationLabel(browser());
+
+  ui_test_utils::NavigateToURL(browser(), GURL(kTestNotOnionURL));
+  web_contents = browser()->tab_strip_model()->GetActiveWebContents();
+  helper = tor::OnionLocationTabHelper::FromWebContents(web_contents);
+  EXPECT_FALSE(helper->should_show_icon());
+  EXPECT_TRUE(helper->onion_location().is_empty());
+}
+
 IN_PROC_BROWSER_TEST_F(OnionLocationNavigationThrottleBrowserTest,
                        OnionDomain_AutoOnionRedirect) {
   browser()->profile()->GetPrefs()->SetBoolean(tor::prefs::kAutoOnionRedirect,
@@ -126,14 +149,20 @@ IN_PROC_BROWSER_TEST_F(OnionLocationNavigationThrottleBrowserTest,
   content::WindowedNotificationObserver tor_browser_creation_observer(
       chrome::NOTIFICATION_BROWSER_OPENED,
       content::NotificationService::AllSources());
+  content::WebContents* web_contents =
+      browser()->tab_strip_model()->GetActiveWebContents();
+  content::TestNavigationObserver nav_observer(web_contents);
   ui_test_utils::NavigateToURL(browser(), GURL(kTestOnionURL));
   tor_browser_creation_observer.Wait();
+  nav_observer.Wait();
+  // Original request was blocked
+  EXPECT_EQ(nav_observer.last_net_error_code(), net::ERR_BLOCKED_BY_CLIENT);
   EXPECT_EQ(2U, browser_list->size());
   Browser* tor_browser = browser_list->get(1);
   ASSERT_TRUE(tor_browser->profile()->IsTor());
-  content::WebContents* web_contents =
+  content::WebContents* tor_web_contents =
       tor_browser->tab_strip_model()->GetActiveWebContents();
-  EXPECT_EQ(web_contents->GetURL(), GURL(kTestOnionURL));
+  EXPECT_EQ(tor_web_contents->GetURL(), GURL(kTestOnionURL));
   // We don't close the original tab
   EXPECT_EQ(browser()->tab_strip_model()->count(), 1);
   // No new tab in Tor window

diff --git a/browser/ui/views/location_bar/onion_location_view.cc b/browser/ui/views/location_bar/onion_location_view.cc
@@ -52,7 +52,7 @@ void OnTorProfileCreated(GURL onion_location,
   if (!browser)
     return;
   content::OpenURLParams open_tor(onion_location, content::Referrer(),
-                                  WindowOpenDisposition::NEW_FOREGROUND_TAB,
+                                  WindowOpenDisposition::SWITCH_TO_TAB,
                                   ui::PAGE_TRANSITION_TYPED, false);
   browser->OpenURL(open_tor);
 }

diff --git a/components/tor/onion_location_navigation_throttle.cc b/components/tor/onion_location_navigation_throttle.cc
@@ -94,13 +94,22 @@ OnionLocationNavigationThrottle::WillProcessResponse() {
 
 content::NavigationThrottle::ThrottleCheckResult
 OnionLocationNavigationThrottle::WillStartRequest() {
-  // Open .onion site in Tor window
+  // If a user enters .onion address in non-Tor window, we block the request and
+  // offer "Open in Tor" button or automatically opening it in Tor window.
   if (!is_tor_profile_) {
     GURL url = navigation_handle()->GetURL();
-    if (url.SchemeIsHTTPOrHTTPS() && url.DomainIs("onion") &&
-        pref_service_->GetBoolean(prefs::kAutoOnionRedirect)) {
-      delegate_->OpenInTorWindow(navigation_handle()->GetWebContents(),
-                                 std::move(url));
+    if (url.SchemeIsHTTPOrHTTPS() && url.DomainIs("onion")) {
+      if (pref_service_->GetBoolean(prefs::kAutoOnionRedirect)) {
+        delegate_->OpenInTorWindow(navigation_handle()->GetWebContents(),
+                                   std::move(url));
+      } else {
+        OnionLocationTabHelper::SetOnionLocation(
+            navigation_handle()->GetWebContents(), url);
+      }
+      return content::NavigationThrottle::BLOCK_REQUEST;
+    } else {
+      OnionLocationTabHelper::SetOnionLocation(
+          navigation_handle()->GetWebContents(), GURL());
     }
   }
   return content::NavigationThrottle::PROCEED;