[tor-dev] HTTP-requesting browser extension WIP (works in Firefox, not in Tor Browser)
David Fifield
david at bamsoftware.com
Sun Mar 16 09:48:34 UTC 2014
On Tue, Mar 11, 2014 at 10:31:16PM -0700, David Fifield wrote:
> On Tue, Mar 11, 2014 at 05:22:37PM -0400, Mark Smith wrote:
> > On 3/10/14, 11:23 PM, David Fifield wrote:
> > >I started trying to write a Firefox extension that makes HTTP requests
> > >outside of the proxy settings. I have one that works in Iceweasel 24.3
> > >and does the Host header trick used by the transport. However it doesn't
> > >work in Tor Browser, and I'm looking for some insight as to why it might
> > >be so.
> > >
> > >The source code of the extension is in the "firefox" directory of
> > > git clone -b extension https://www.bamsoftware.com/git/meek.git
> > >Instructions on how to try it are: https://developer.mozilla.org/en-US/docs/Building_an_Extension#Test.
> > >I also pasted the important JavaScript code at the end of this message.
> >
> > I looked at this for a few minutes but ran out of time for today.
> >
> > When I dump aStatus in your onStopRequest function, I get 2152398890
> > which is 0x804B002A which is NS_ERROR_UNKNOWN_PROXY_HOST (see
> > https://developer.mozilla.org/en-US/docs/Table_Of_Errors).
> >
> > I am not sure what that means but it sounds interesting.
>
> Thanks for finding this clue. It appears to me that the critical
> difference is in the network.proxy.socks_remote_dns setting. My
> Iceweasel had it false and Tor Browser had it true. If it make it true
> in Iceweasel, the extension fails; if I make it false in Tor Browser,
> the extension succeeds. I'll see if there's a way to make it work with
> socks_remote_dns=true.
I made a mistake when I said this. The issue turns out not to be the
socks_remote_dns setting. The extension works in Iceweasel whether
socks_remote_dns is true or false, but works in Tor Browser only when it
is false. Mike traced the cause to this patch in Tor Browser, which
guard against DNS leaks by prohibiting name lookups when
socks_remote_dns=true, which is its default setting.
https://gitweb.torproject.org/tor-browser.git/commitdiff/5069a3ee8fa51546a8ad582e6004be66bc9748aa
If I undo that patch, the extension works in Tor Browser with no other
changes.
I wrote a summary of the situation here:
https://trac.torproject.org/projects/tor/ticket/11183#comment:6
David Fifield
More information about the tor-dev
mailing list