Only allow whitelisted protocols to load in tor tabs

fix #14664
brave · Jul 5, 2018 · 9759cc3 · 9759cc3
1 parent 3f8feb2
commit 9759cc3
Showing 1 changed file with 27 additions and 5 deletions.
diff --git a/app/filtering.js b/app/filtering.js
@@ -103,6 +103,13 @@ module.exports.registerHeadersReceivedFilteringCB = (filteringFn) => {
   headersReceivedFilteringFns.push(filteringFn)
 }
 
+// Protocols which are safe to load in tor tabs
+const whitelistedTorProtocols = ['http:', 'https:', 'chrome-extension:', 'chrome-devtools:']
+if (process.env.NODE_ENV === 'development') {
+  // Needed for connection to webpack local server
+  whitelistedTorProtocols.push('ws:')
+}
+
 /**
  * Register for notifications for webRequest.onBeforeRequest for a particular
  * session.
@@ -111,6 +118,26 @@ module.exports.registerHeadersReceivedFilteringCB = (filteringFn) => {
 function registerForBeforeRequest (session, partition) {
   const isPrivate = module.exports.isPrivate(partition)
   session.webRequest.onBeforeRequest((details, muonCb) => {
+    if (partition === appConfig.tor.partition) {
+      if (isMagnetURL(details)) {
+        // Show a useful warning for magnet urls
+        showTorrentBlockedInTorWarning(details, muonCb)
+        return
+      }
+      if (!details.url) {
+        muonCb({ cancel: true })
+        return
+      }
+      // To minimize leakage risk, only allow whitelisted protocols in Tor
+      // sessions
+      const protocol = urlParse(details.url).protocol
+      if (!whitelistedTorProtocols.includes(protocol)) {
+        console.log('Blocked protocol from loading in tor tab:', protocol)
+        muonCb({ cancel: true })
+        return
+      }
+    }
+
     if (process.env.NODE_ENV === 'development') {
       let page = appUrlUtil.getGenDir(details.url)
       if (page) {
@@ -136,11 +163,6 @@ function registerForBeforeRequest (session, partition) {
       return
     }
 
-    if ((isMagnetURL(details)) && partition === appConfig.tor.partition) {
-      showTorrentBlockedInTorWarning(details, muonCb)
-      return
-    }
-
     const firstPartyUrl = module.exports.getMainFrameUrl(details)
     // this can happen if the tab is closed and the webContents is no longer available
     if (!firstPartyUrl) {