[tor-bugs] #10419 [Firefox Patch Issues]: Can requests to 127.0.0.1 be used to fingerprint the browser?
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jan 23 12:13:02 UTC 2014
#10419: Can requests to 127.0.0.1 be used to fingerprint the browser?
-------------------------------------+-------------------------------------
Reporter: mikeperry | Owner: mikeperry
Type: task | Status: needs_review
Priority: major | Milestone:
Component: Firefox Patch | Version:
Issues | Keywords: tbb-fingerprinting,
Resolution: | tbb-pref, MikePerry201401R
Actual Points: | Parent ID:
Points: |
-------------------------------------+-------------------------------------
Comment (by cypherpunks):
(cypherpunks2)
Okay, so I did test it *phew* and it turns out that LOCAL only refers to
RFC private addresses ''and not 127.0.0.1''.
But the following does work fine:
{{{
# Prevent Internet sites from requesting 127.0.0.1's resources.
Site 127.0.0.1
Accept from 127.0.0.1
Deny
# Prevent 127.0.0.1 from requesting Internet resources.
Site ALL
Deny from 127.0.0.1
}}}
As prefs:
{{{
user_pref("noscript.ABE.enabled", true);
user_pref("noscript.ABE.rulesets.SYSTEM", "# Prevent Internet sites from
requesting 127.0.0.1's resources.\nSite 127.0.0.1\nAccept from
127.0.0.1\nDeny\n\n# Prevent 127.0.0.1 from requesting Internet
resources.\nSite ALL\nDeny from 127.0.0.1");
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10419#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list