[tbb-bugs] #32414 [Applications/Tor Browser]: window.external.AddSearchProvider request goes through catch-all-circuit
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Jan 10 17:05:35 UTC 2020
#32414: window.external.AddSearchProvider request goes through catch-all-circuit
-------------------------------------------------+-------------------------
Reporter: acat | Owner: acat
Type: defect | Status:
| needs_review
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-linkability, | Actual Points:
TorBrowserTeam202001R |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Changes (by acat):
* keywords: tbb-linkability, TorBrowserTeam202001 => tbb-linkability,
TorBrowserTeam202001R
* status: assigned => needs_review
Comment:
Patch for review in https://github.com/acatarineu/tor-
browser/commit/32414.
The requests that were not respecting FPI were the .xml and icons fetches
when `Services.search.addEngine` is used to add an engine. From web
content, this can be via the (deprecated) API `external.AddSearchProvider`
or via the page action that is added when a page has a `<link rel="search"
type="application/opensearchdescription+xml"...` tag.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32414#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list