[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #17965 [Tor Browser]: Isolate HPKP pinning to url bar domain
#17965: Isolate HPKP pinning to url bar domain
-------------------------------------------------+-------------------------
Reporter: mikeperry | Owner: tbb-
Type: defect | team
Priority: High | Status:
Component: Tor Browser | needs_revision
Severity: Normal | Milestone:
Keywords: tbb-linkability, | Version:
TorBrowserTeam201601R | Resolution:
Parent ID: | Actual Points:
Sponsor: | Points:
-------------------------------------------------+-------------------------
Changes (by gk):
* status: needs_review => needs_revision
Comment:
I did not look much on the patch yet but decided to try some test bundles
with it. It breaks at least HTTPS-E and it seems in a way that sites like
facebook.com are not working anymore. In the error console I get:
{{{
NS_ERROR_XPC_NOT_ENOUGH_ARGS: Not enough arguments
[nsISiteSecurityService.isSecureURI] HTTPS.js:43:0
}}}
Without HTTPS-E it is loading but still there are issues visible:
{{{
Handler function NRL_getSecurityInfo threw an exception: [Exception...
"Not enough arguments [nsISiteSecurityService.isSecureHost]" nsresult:
"0x80570001 (NS_ERROR_XPC_NOT_ENOUGH_ARGS)" location: "JS frame ::
resource://gre/modules/commonjs/toolkit/loader.js ->
resource://gre/modules/devtools/toolkit/webconsole/network-helper.js ::
NH_parseSecurityInfo :: line 621" data: no]
Stack:
NH_parseSecurityInfo@resource://gre/modules/commonjs/toolkit/loader.js ->
resource://gre/modules/devtools/toolkit/webconsole/network-
helper.js:621:20
NRL_getSecurityInfo@resource://gre/modules/commonjs/toolkit/loader.js ->
resource://gre/modules/devtools/toolkit/webconsole/network-
monitor.js:222:15
makeInfallible/<@resource://gre/modules/commonjs/toolkit/loader.js ->
resource://gre/modules/devtools/DevToolsUtils.js:82:13
NRL_onStartRequest@resource://gre/modules/commonjs/toolkit/loader.js ->
resource://gre/modules/devtools/toolkit/webconsole/network-
monitor.js:207:4
Line: 621, column: 0
}}}
We might want to think about a different approach than "just" adding an
additional parameter to nsISiteSecureService methods.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17965#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs