[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: torbutton webpage comments

To: Mike Perry <mikeperry@xxxxxxxxxx>, or-talk@xxxxxxxxxxxxx
Subject: Re: torbutton webpage comments
From: "Eric H. Jung" <eric.jung@xxxxxxxxx>
Date: Wed, 12 Dec 2007 08:20:44 -0800 (PST)
Cc: squires@xxxxxxxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Wed, 12 Dec 2007 11:20:54 -0500
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=4+mYb+Jsnvp+9gwDJsifknxj84vNOxTJieM9mtNas23Dz6v8zm89ohVSRDq2I7r4aKOdwd0Wy733C962IsV7l2ySBoxIgzkbvgnZi0MK6Qx/U48mMk6ADmPXiBJh96uWClX3bYgN5io7iUWyXin/qs4JihnEB2GDUt6EX5Q7Bok=;
In-reply-to: <20071210222541.GB22593@xxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

--- Mike Perry <mikeperry@xxxxxxxxxx> wrote:

> My apologies. The statement has been corrected.

Thank you!

> My guess is your problems arise from this issue being the case with
> nsIProtocolProxyFilter, right?  

Yes. Mapping nsIURI instances to tabs (when applicable) is the heart of the problem.

> My suggestion would be recording this
> context from somewhere that recieves the event first and making a
> cache. Torbutton does this with its content-window-mapper:
> https://tor-svn.freehaven.net/svn/torbutton/trunk/src/components/window-mapper.js

I've had a look through this. Thank you very kindly. This seems to tabs to windows.

> That component may be helpful for you to use as a starting point to
> map DOMWindows to tabbrowsers, but you probably need another layer for
> URLs themselves.  

Precisely.

> Probably you want to go with a dummy
> nsIContentPolicy that gets the window for a URL fetch (see
> https://tor-svn.freehaven.net/svn/torbutton/trunk/src/components/cssblocker.js
> for how torbutton does this), then use the torbutton window mapper to
> map this to a tabbrowser, then use your own custom component to map
> that URL to that tabbrowser..

Excellent idea, and one that I haven't yet tried. I have some questions about cssblocker.js, but
maybe it's better to take them off-list?

> If you are real lucky, your nsIContentPolicy will always be called
> before your nsIProtocolProxyFilter, and thus your URL->tabbrowser
> mapper will always have the correct (and most recent/current)
> tabbrowser, which you would then use to look up the appropriate proxy
> in your filter based on the tabbrowser's contentWindow.top.location
> URL instead of the one handed to nsIProtocolProxyFilter.applyFilter.

In theory this would work, but I'm hesitant to change that part of FoxyProxy right now ("patterns"
mode) since it works very well. The nsURI to tabbrowser mapping would best be used in a new
FoxyProxy mode ("proxy-per-tab"). The user may choose to keep some tabs/browsers in patterns mode
and others in proxy-per-tab mode, in which case both of these algorithms would be in use.

> If you are no so lucky wrt to the ordering of those two interface
> calls, perhaps the doc loader service can provide you with similar
> context information that you can cache, but its unclear if this will
> give you ALL url evens like the content policy will:
> http://www.xulplanet.com/references/xpcomref/comps/c_docloaderservice1.html

It's not clear to me what you're getting at here. Once I have a tab associated to an nsURI
instance, isn't that enough to select the correct proxy?

> The page has been updated. Again, sorry for spreading any
> misinformation. I hope we can work together to provide users with as
> many secure and easy to use privacy-enhancing options as possible.

Thank you. I also hope we can work together, too.

> Please feel free to borrow any Torbutton source code to help improve
> FoxyProxy. I will be posting a design document within a week or so
> that should help you more easily navigate all the crazy hacks I have
> done to deal with the various idiosyncrasies of Firefox component
> behavior and context wrt privacy and safe Tor usage.

Looking forward to the document, and thanks for the invitation to borrow. Should we take this
off-list?

Sincerely,
Eric Jung

References:
- Re: torbutton webpage comments
  - From: Mike Perry

Prev by Author: Re: Proxies anyone
Next by Author: Re: Best Hardware for TOR server..
Previous by thread: Re: torbutton webpage comments
Next by thread: Re: torbutton webpage comments
Index(es):
- Author
- Thread