
[Security] [hackerone] Tor Onion-Location issue #13828

Closed
darkdh opened this issue Jan 29, 2021 · 1 comment · Fixed by brave/brave-core#7747

Comments


darkdh commented Jan 29, 2021

https://hackerone.com/reports/1089995

@darkdh darkdh self-assigned this Jan 29, 2021
@diracdeltas diracdeltas added the priority/P2 A bad problem. We might uplift this to the next planned release. label Jan 29, 2021
@darkdh darkdh added this to the 1.21.x - Nightly milestone Jan 30, 2021
@LaurenWags LaurenWags changed the title [hackerone] Tor Onion-Location issue [Security] [hackerone] Tor Onion-Location issue Feb 1, 2021

btlechowski commented Feb 2, 2021

Verification passed on

Brave 1.20.97 Chromium: 88.0.4324.96 (Official Build) dev (64-bit)
Revision 68dba2d8a0b149a1d3afac56fa74648032bcf46b-refs/branch-heads/4324@{#1784}
OS Ubuntu 18.04 LTS

Verified test plan from brave/brave-core#7747

Open in Tor (Header is invalid)
(screenshot)

Automatically Tor redirect (Header is invalid)
(screenshots)

Open in Tor (HTTP host)
(screenshot)

Automatically Tor redirect (HTTP host)
(screenshots)

Verification passed on

Brave 1.20.97 Chromium: 88.0.4324.96 (Official Build) dev (64-bit)
Revision 68dba2d8a0b149a1d3afac56fa74648032bcf46b-refs/branch-heads/4324@{#1784}
OS Windows 10 OS Version 2004 (Build 19041.746)

Verified test plan from brave/brave-core#7747

Open in Tor (Header is invalid)

  • Opened https://csrf.jp/brave/onion.php in normal/private/guest tabs/windows and ensured that the Open in Tor button isn't displayed in the URL bar due to the header chrome://restart/

(screenshots: Normal, Private, Guest)

Automatically Tor redirect (Header is invalid)

  • Enabled Automatically redirect .onion sites via brave://settings/extensions
  • Opened https://csrf.jp/brave/onion.php in normal/private/guest tabs/windows and ensured that Brave didn't automatically redirect the user to the Tor page due to the header chrome://restart/

Open in Tor (HTTP host)

  • Opened http://fmarier.com in normal/private/guest tabs/windows and ensured that the Open in Tor button isn't displayed in the URL bar due to the header http://ixrdj3iwwhkuau5tby5jh3a536a2rdhpbdbu6ldhng43r47kim7a3lid.onion/index.html

(screenshots: Normal, Private, Guest)

Automatically Tor redirect (HTTP host)

  • Enabled Automatically redirect .onion sites via brave://settings/extensions
  • Opened http://fmarier.com in normal/private/guest tabs/windows and ensured that Brave didn't automatically redirect the user to the Tor page due to the header http://ixrdj3iwwhkuau5tby5jh3a536a2rdhpbdbu6ldhng43r47kim7a3lid.onion/index.html

Verification passed on

Brave 1.20.97 Chromium: 88.0.4324.96 (Official Build) dev (x86_64)
Revision 68dba2d8a0b149a1d3afac56fa74648032bcf46b-refs/branch-heads/4324@{#1784}
OS macOS Version 11.1 (Build 20C69)

Open in Tor (Header is invalid)
(screenshot, 2021-02-02 10:09 AM)

Automatically Tor redirect (Header is invalid)
(screenshot, 2021-02-02 10:03 AM)

Open in Tor (HTTP host)
(screenshot, 2021-02-02 10:05 AM)

Automatically Tor redirect (HTTP host)
(screenshot, 2021-02-02 10:05 AM)
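The header check that the test plan above exercises, written out as an added example (not code from brave-core or the linked PR): it returns no Tor target for a non-onion value such as chrome://restart/ and for a page served over plain HTTP, assuming that only v3 .onion hosts are accepted and using the URLs from the test plan as constructed sample input.

```python
import re
from typing import Optional
from urllib.parse import urlsplit

# Assumption: only v3 onion services (56 base32 characters + ".onion") are accepted.
V3_ONION_HOST = re.compile(r"^[a-z2-7]{56}\.onion$")


def onion_location_target(page_url: str, header_value: Optional[str]) -> Optional[str]:
    """Return the .onion URL that may be offered for page_url, or None.

    Both negative cases from the test plan end up as None:
      * the page itself must be served over HTTPS, so an http:// host never
        gets an "Open in Tor" button or an automatic redirect;
      * the header must be an http(s) URL whose host is a .onion address,
        so a value such as chrome://restart/ is dropped.
    """
    if not header_value:
        return None
    if urlsplit(page_url).scheme != "https":
        return None  # plaintext origin: the header is not trusted
    try:
        target = urlsplit(header_value.strip())
    except ValueError:
        return None  # unparsable header value
    if target.scheme not in ("http", "https"):
        return None  # rejects chrome://, javascript:, data: and similar schemes
    if not V3_ONION_HOST.match(target.hostname or ""):
        return None  # not a .onion host, or a malformed one
    return target.geturl()


# Constructed sample input built from the URLs used in the test plan.
ONION = "http://ixrdj3iwwhkuau5tby5jh3a536a2rdhpbdbu6ldhng43r47kim7a3lid.onion/index.html"
SAMPLE_CASES = [
    ("https://csrf.jp/brave/onion.php", "chrome://restart/"),  # invalid header -> None
    ("http://fmarier.com/", ONION),                             # HTTP host -> None
    ("https://fmarier.com/", ONION),                            # accepted -> ONION
]

if __name__ == "__main__":
    for page, header in SAMPLE_CASES:
        print(f"{page:34} {header[:40]:40} -> {onion_location_target(page, header)}")
```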
