[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #18741 [Tor Browser]: OCSP and favicon isolation is only partly working in ESR 45 (was: OCSP and Favicon isolation is only partly working in ESR 45)



#18741: OCSP and favicon isolation is only partly working in ESR 45
-------------------------+--------------------------
 Reporter:  gk           |          Owner:  tbb-team
     Type:  defect       |         Status:  new
 Priority:  High         |      Milestone:
Component:  Tor Browser  |        Version:
 Severity:  Major        |     Resolution:
 Keywords:  ff45-esr     |  Actual Points:
Parent ID:               |         Points:
 Reviewer:               |        Sponsor:
-------------------------+--------------------------
Description changed by gk:

Old description:

> We might need a fixup patch for our OCSP and Favicon isolation in ESR45.
> If one takes `https://dist.torproject.org` as an example URL I can see
> things like
> {{{
> [01-01 00:00] Torbutton INFO: tor SOCKS:
> https://dist.torproject.org/favicon.ico via torproject.org:0
> [01-01 00:00:00] Torbutton INFO: tor SOCKS:
> https://dist.torproject.org/favicon.ico via --NoFirstPartyHost-chrome-
> browser.xul--:0
> }}}
> and
> {{{
> [01-01 00:00:00] Torbutton INFO: tor SOCKS: http://ocsp.digicert.com/ via
> torproject.org:0
> [01-01 00:00:0] Torbutton INFO: tor SOCKS: http://ocsp.digicert.com/ via
> --nofirstpartyhost-chrome-browser.xul--:0
> }}}
> in the log output. Note the differing `nofirstpartyhost-chrome-
> browser.xul` and `Nofirstpartyhost-chrome-browser.xul`.

New description:

 We might need a fixup patch for our OCSP and favicon isolation in ESR45.
 If one takes `https://dist.torproject.org` as an example URL I can see
 things like
 {{{
 [01-01 00:00:00] Torbutton INFO: tor SOCKS:
 https://dist.torproject.org/favicon.ico via torproject.org:0
 [01-01 00:00:00] Torbutton INFO: tor SOCKS:
 https://dist.torproject.org/favicon.ico via --NoFirstPartyHost-chrome-
 browser.xul--:0
 }}}
 and
 {{{
 [01-01 00:00:00] Torbutton INFO: tor SOCKS: http://ocsp.digicert.com/ via
 torproject.org:0
 [01-01 00:00:0=] Torbutton INFO: tor SOCKS: http://ocsp.digicert.com/ via
 --nofirstpartyhost-chrome-browser.xul--:0
 }}}
 in the log output. Note the differing `nofirstpartyhost-chrome-
 browser.xul` and `Nofirstpartyhost-chrome-browser.xul`.

--

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18741#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs