[tor-bugs] #2193 [EFF-HTTPS Everywhere]: Facebook <securecookie> rules break apps
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Wed Nov 17 20:54:00 UTC 2010
#2193: Facebook <securecookie> rules break apps
-----------------------------------+----------------------------------------
Reporter: pde | Owner: pde
Type: defect | Status: closed
Priority: blocker | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Resolution: implemented | Keywords:
Parent: |
-----------------------------------+----------------------------------------
Changes (by pde):
* status: new => closed
* resolution: => implemented
Comment:
The workaround for 0.3.0 is to move the Facebook <securecookie> rules,
along with an http://apps.facebook.com -> https://apps.facebook.com rule,
into an optional, off-by-default Facebook+ ruleset. That ruleset either
(1) breaks Facebook apps, or (2) may require you to accept a
www.facebook.com cert for apps.facebook.com, depending on your
persepective.
Facebook have told us that this problem will eventually go away, but they
can't commit to a timeline. When that happens, the Facebook+ ruleset can
be merged back into the main one.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2193#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list