[tor-bugs] #16269 [meek]: add-on compatibility check occurs repeatedly
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Jun 2 21:50:22 UTC 2015
#16269: add-on compatibility check occurs repeatedly
------------------------+-----------------
Reporter: mcs | Owner: dcf
Type: defect | Status: new
Priority: normal | Milestone:
Component: meek | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
------------------------+-----------------
Comment (by dcf):
Replying to [comment:2 mcs]:
> Replying to [comment:1 dcf]:
> > We actually don't want to save network.proxy.socks_remote_dns=false in
prefs.js; it's meant to be a change in memory only.
>
> Hmmm. I wish there was a way to do this in a less fragile way. Would
it be acceptable to use a default preferences file inside the meek HTTP
extension...
That's exactly how it works now. The helper browser profile has its own
prefs that are separate from the normal Tor Browser prefs. (It might
inherit Tor Browser settings for anything that's unset, I'm not sure, but
it overrides everything that matters for this ticket.)
But I want the default in the helper's prefs to be
network.proxy.socks_remote_dns=true, because that's a safe setting if
something goes wrong (like the extension fails to load) and the headless
browser unexpectedly appears on screen. If that happens, we at least want
the browser to be non-functional (which it is, thanks to a default
blackhole proxy setting) and not leak DNS (which it does not, thanks to
network.proxy.socks_remote_dns=true). The main idea is that ''only'' the
extension should be able to disable the safe default and make local DNS
requests, because the extension knows what it's doing.
We used to have network.proxy.socks_remote_dns=false, an unsafe fallback,
but changed it in #12674. (I meant to link to #12674 in comment:1 but
messed it up.) The way it works now is intended to make it so that if
something breaks, it breaks in a safe way.
https://gitweb.torproject.org/builders/tor-browser-bundle.git/tree
/Bundle-Data/PTConfigs/meek-http-helper-
user.js?id=0119a3c15711a66c76496d6e8e55511782140ec1#n21
In sum, we want to save the updated prefs after an upgrade (to solve this
ticket), but we don't want to save network.proxy.socks_remote_dns=false.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16269#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list