[tor-bugs] #18101 [Applications/Tor Browser]: IP leak from Windows UI dialog with URI
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Nov 12 13:13:15 UTC 2017
#18101: IP leak from Windows UI dialog with URI
-------------------------------------------------+-------------------------
Reporter: uileak                                  | Owner: arthuredelstein
Type: defect                                      | Status: needs_revision
Priority: Very High                               | Milestone:
Component: Applications/Tor Browser               | Version:
Severity: Major                                   | Resolution:
Keywords: tbb-disk-leak, tbb-proxy-bypass,        | Actual Points:
  TorBrowserTeam201711                            |
Parent ID:                                        | Points:
Reviewer:                                         | Sponsor:
-------------------------------------------------+-------------------------
Comment (by cypherpunks):
Replying to [comment:66 arthuredelstein]:
> I foraged through the Windows API
Have you foraged 'em all? :)
> In this hack
As it's a hack, could you make it disableable via a pref?
> just before the file dialog is created, I set a hook function for window
> creation. I use some heuristics to identify the File Dialog window, and
> then I add a second hook that listens for the "Open" command from the user
> (by button click, enter key, or keyboard shortcut).
and button tap ;)
> Before the "Open" command can propagate, I check the text in the
> dialog's filename text field to see if it looks like a URI, and if so, I
> clear the text and show an error message to the user explaining that URIs
> are not allowed.
In the "Open File..." dialog, you can grab that URI and open it, because
it's a browser! :)
> I confirmed this approach prevents any DNS leak.
What DNS leak? You use the OS's feature to load URIs using system proxy
settings or you don't.
> Instead of clearing the text, it would be better to cancel the "Open"
> command and leave the text unchanged
and the user would say WTF?!
> but so far I haven't found a way to do that. But I think the usability
> awkwardness is acceptable, especially given that we explain to the user
> what has gone wrong.
Until TBB can handle URIs...
> Anyway, the next step will be to turn this into a patch in Tor Browser.
And check the security suites wouldn't mind.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18101#comment:67>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
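The "does the filename text look like a URI" check quoted in the comment above, as an added example that is not Tor Browser's own code: it applies the RFC 3986 scheme syntax and treats a lone letter before ':' as a Windows drive letter so that ordinary paths are not rejected. The drive-letter rule, the stripping of leading whitespace and quotes, and the function name are my assumptions, not details from the ticket.

```cpp
#include <cctype>
#include <string>

// scheme = ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ) ":"   (RFC 3986)
static bool IsSchemeChar(unsigned char c) {
    return std::isalnum(c) || c == '+' || c == '-' || c == '.';
}

// Heuristic (assumption, not Tor Browser's implementation): returns true when
// the dialog's filename text looks like a URI rather than a local path.
bool LooksLikeUri(const std::string& text) {
    size_t i = 0;
    // The filename field may hold leading spaces or a quoted list ("a" "b").
    while (i < text.size() &&
           (std::isspace(static_cast<unsigned char>(text[i])) || text[i] == '"')) {
        ++i;
    }
    // A URI must start with a letter; "\\server\share" or "1file" cannot be one.
    if (i >= text.size() || !std::isalpha(static_cast<unsigned char>(text[i]))) {
        return false;
    }
    size_t start = i;
    while (i < text.size() && IsSchemeChar(static_cast<unsigned char>(text[i]))) {
        ++i;
    }
    // No ':' after the scheme characters, or nothing following it ("foo:").
    if (i >= text.size() || text[i] != ':' || i + 1 >= text.size()) {
        return false;
    }
    size_t schemeLen = i - start;
    std::string rest = text.substr(i + 1);
    // "C:\Users\...", "D:/data", "C:file" are drive paths, not URIs;
    // a single letter followed by "//" is still treated as a URI.
    if (schemeLen == 1 && rest.compare(0, 2, "//") != 0) {
        return false;
    }
    return true;
}
```

The hook described in the comment would call this on the field text before letting the "Open" command propagate, and refuse the command when it returns true.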