[tor-bugs] #9623 [TorBrowserButton]: Referers being sent from hidden service websites
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Aug 31 02:30:48 UTC 2013
#9623: Referers being sent from hidden service websites
----------------------------------+-----------------------
Reporter: cypherpunks | Owner: mikeperry
Type: defect | Status: new
Priority: major | Milestone:
Component: TorBrowserButton | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
----------------------------------+-----------------------
Comment (by cypherpunks):
It looks like removing the referer spoofing feature was due to usability
issues.
https://www.torproject.org/projects/torbrowser/design/#deprecate
Here is my idea. By default, if it's a hidden service website in the
referer, don't send it to any other domain.
But what about a preference to enable smart referer feature for all
websites. It would make sense to integrate/combine this feature into
#9387. In short, it would be a good idea to simplify this slider to choose
between "usability" or "security" by adding any other missing preferences
like this referer spoofing.
Please share your opinions about this idea.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9623#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list