[tor-bugs] #15690 [Tor Browser]: Document how other extensions should ask to isolate their streams
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Apr 15 13:00:54 UTC 2015
#15690: Document how other extensions should ask to isolate their streams
-----------------------------+----------------------
Reporter: arma | Owner: tbb-team
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Tor Browser | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
-----------------------------+----------------------
Comment (by gk):
Replying to [ticket:15690 arma]:
> I'm talking to a Firefox extension developer who is installing his
extension into Tor Browser and giving the resulting bundle to his users.
>
> His extension makes network requests, and it occurred to me that the new
per-tab stream isolation feature in Tor Browser probably lumps the
requests from his extension into the catch-all circuit.
This is true, yes.
> Is there a URL I can send him to that explains how his extension should
set its socks username/password (or whatever it needs to do) to request
its own isolation from Tor?
Not yet. We could write something and link to it from
https://trac.torproject.org/projects/tor/wiki/doc/TorBrowser/Hacking in
the Other Resources section. That said I am not sure whether there should
be anything done in this case at all as the paradigm is that we isolate
all requests to the URL bar domain in the current tab. But extensions
don't have anything like that. How is this supposed to work? The extension
hard-codes a particular domain and every time it "sees" particularly
formed requests which would get put on the catch-all circuit it sets the
socksname to this domain + increments the password if necessary?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15690#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list