tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE
commit 49dbde2ae8f9985a4f049823542580bcc29398e9
parent fadfd89de8477f3e298496c1b1d91d8825d93a8f
Author: groovecoder <71928+groovecoder@users.noreply.github.com>
Date:   Mon,  6 Oct 2025 17:58:08 +0000

Bug 1992746 - fix(relay): prevent offering Relay on denylisted origins r=credential-management-reviewers,mtigley

Update RelayOffered.autocompleteItemsAsync to check the denylist
before adding Relay to the autocomplete options drop-down.

Differential Revision: https://phabricator.services.mozilla.com/D267620

Diffstat:

Mtoolkit/components/passwordmgr/test/browser/browser_relay_use.js | 34++++++++++++++++++----------------


Mtoolkit/components/satchel/integrations/FirefoxRelay.sys.mjs | 4++++


2 files changed, 22 insertions(+), 16 deletions(-)

diff --git a/toolkit/components/passwordmgr/test/browser/browser_relay_use.js b/toolkit/components/passwordmgr/test/browser/browser_relay_use.js
@@ -7,28 +7,30 @@ const TEST_URL_PATH = `https://example.org${DIRECTORY_PATH}form_basic_signup.htm
 
 add_task(
   async function test_site_on_denyList_does_not_show_Relay_to_signed_in_browser() {
-    await setupRelayScenario("enabled");
     const sandbox = stubFxAccountsToSimulateSignedIn();
     // Set up denylist for "example.org"
     const rsSandbox = await stubRemoteSettingsDenyList([
       { domain: "example.org" },
     ]);
-    await BrowserTestUtils.withNewTab(
-      {
-        gBrowser,
-        url: TEST_URL_PATH,
-      },
-      async function (browser) {
-        const popup = document.getElementById("PopupAutoComplete");
-        await openACPopup(popup, browser, "#form-basic-username");
+    for (const scenario of ["available", "offered", "enabled", "disabled"]) {
+      await setupRelayScenario(scenario);
+      await BrowserTestUtils.withNewTab(
+        {
+          gBrowser,
+          url: TEST_URL_PATH,
+        },
+        async function (browser) {
+          const popup = document.getElementById("PopupAutoComplete");
+          await openACPopup(popup, browser, "#form-basic-username");
 
-        const relayItem = getRelayItemFromACPopup(popup);
-        Assert.ok(
-          !relayItem,
-          "Relay item SHOULD NOT be present in the autocomplete popup when the site is on the deny-list, even if the user is signed into the browser."
-        );
-      }
-    );
+          const relayItem = getRelayItemFromACPopup(popup);
+          Assert.ok(
+            !relayItem,
+            "Relay item SHOULD NOT be present in the autocomplete popup when the site is on the deny-list, even if the user is signed into the browser."
+          );
+        }
+      );
+    }
     sandbox.restore();
     rsSandbox.restore();
   }
diff --git a/toolkit/components/satchel/integrations/FirefoxRelay.sys.mjs b/toolkit/components/satchel/integrations/FirefoxRelay.sys.mjs
@@ -554,6 +554,10 @@ async function shouldShowRelay(origin) {
 
 class RelayOffered {
   async *autocompleteItemsAsync(origin, scenarioName, hasInput) {
+    const originOnDenyList = await shouldNotShowRelay(origin);
+    if (originOnDenyList) {
+      return;
+    }
     const hasFxA = await hasFirefoxAccountAsync();
     const showRelayOnAllowlistSiteToAllUsers =
       Services.prefs.getBoolPref(gConfig.showToAllBrowsersPref, false) &&