[tor-bugs] #8725 [Applications/Tor Browser]: resource:// URIs leak information
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Jun 3 23:17:27 UTC 2016
#8725: resource:// URIs leak information
-------------------------------------------------+-------------------------
Reporter: holizz | Owner: tbb-
Type: defect | team
Priority: Very High | Status: new
Component: Applications/Tor Browser | Milestone:
Severity: Major | Version:
Keywords: tbb-fingerprinting, tbb-rebase- | Resolution:
regression, tbb-testcase, tbb-firefox-patch | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by yawning):
Replying to [comment:19 cypherpunks]:
> I have a workaround for this.
> Can you please look at https://addons.mozilla.org/en-US/firefox/addon
/no-resource-uri-leak/ ?
As far as I can tell the approach you're taking is the only way to do this
(the `http-on-modify-request` event does not fire for `resource://` URLs
for obvious reasons, so a content policy is required). Not sure what the
Tor Browser policy is on licensing.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8725#comment:21>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list