[tbb-bugs] #23545 [Applications/Tor Browser]: UX improvement: Tor Browser should handle bogus HSv3 addresses
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Apr 12 12:33:33 UTC 2019
#23545: UX improvement: Tor Browser should handle bogus HSv3 addresses
-------------------------------------------------+-------------------------
Reporter: asn | Owner: tbb-
| team
Type: defect | Status: new
Priority: Medium | Milestone: Tor:
| unspecified
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tor-hs, prop224, ux-team, | Actual Points:
034-triage-20180328, 034-removed-20180328 | Points:
Parent ID: #30022 | network-team: 5-10
Reviewer: | Sponsor:
| Sponsor27-must
-------------------------------------------------+-------------------------
Changes (by asn):
* points: => network-team: 5-10
Comment:
We talked with GeKo and nickm today about this. The Right Way to do this
is to use the `HTTPTunneLPort` option which provides an `HTTP CONNECT`
proxy, which is more extensible than the SOCKS proxy we are currently
using when it comes to errors etc.
Unfortunately, currently TB does not use the HTTP CONNECT proxy, so we
would need to do some tinkering especially when it comes to first-party
isolation etc. Supposedly the little-t-tor side supports first-party
isolation using the `X-Tor-Stream-Isolation` header or the `Proxy-
Authorization` header, but it's been widely untested.
Furthermore we would need to start a spec file (maybe on the tbb side)
defining the new error codes that we would use for this deliverable and
also for o2a4.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23545#comment:17>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list