[tor-bugs] #22170 [Applications/Tor Browser]: Check uses of ch.boye.httpclientandroidlib.impl.client.* for proxy safety on Android
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Jul 31 21:52:20 UTC 2018
#22170: Check uses of ch.boye.httpclientandroidlib.impl.client.* for proxy safety
on Android
-------------------------------------------------+-------------------------
Reporter: gk | Owner: sysrqb
Type: defect | Status:
| accepted
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: ff52-esr, tbb-mobile, | Actual Points:
TorBrowserTeam201807 |
Parent ID: #21863 | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by sysrqb):
The only remaining code that can bypass the proxy is in Adjust. We don't
include Adjust at build-time, so this is not a problem.
For those wondering "What is Adjust?":
{{{
Fennec (Firefox for Android) tracks certain types of installs using a
third party install tracking
framework called Adjust. The intention is to determine the origin of
Fennec installs by answering
the question, "Did this user on this device install Fennec in response to
a specific advertising
campaign performed by Mozilla?"
}}}
`mobile/android/docs/adjust.rst`
All other usage of `ch.boye.httpclientandroidlib.impl.client.*` is via
`BaseResource` which is proxy-safe.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22170#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list