[tbb-bugs] #21537 [Applications/Tor Browser]: Consider ignoring secure cookies for .onion addresses
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Apr 9 21:07:07 UTC 2018
#21537: Consider ignoring secure cookies for .onion addresses
-------------------------------------------------+-------------------------
Reporter: micah | Owner: tbb-
| team
Type: enhancement | Status:
| needs_review
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-usability, | Actual Points:
TorBrowserTeam201804R, GeorgKoppen201804 |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by pospeselr):
Change looks good, only thing I'd suggest is moving the block at 3340 a
couple lines up before the Telemetry::Accumulate call ( since the enum
seems to be a question of cookie security, rather than http(s) ).
I also verified the hostURI that's passed in is already normalized, so we
don't have to worry about case insensitive string compare.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21537#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list