[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #3815 [EFF-HTTPS Everywhere]: context menu does not work on error pages
#3815: context menu does not work on error pages
----------------------------------+-----------------------------------------
Reporter: pde | Owner: pde
Type: defect | Status: new
Priority: normal | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Keywords: | Parent:
Points: | Actualpoints:
----------------------------------+-----------------------------------------
For instance, per this report from Micah
When you go to a website that doesn't load and instead gives you a
certificate browser, and then click the context menu to disable that
rule, that website's rule doesn't appear in the list.
Or at least, that's what happened to me when I went to torrentfreak.com
yesterday on a freshly installed Firefox in Windows. I think
torrentfreak.com doesn't serve the whole certificate chain and I hadn't
cached the correct intermediary certificate, so it gave me a warning.
When I tried disabling the rule, the TorrentFreak rule wasn't in the
context menu, only Google Search was (which also seems strange).
This should be easy enough to recreate on any website with an HTTPS
Everywhere rule just by using an intercepting proxy that MITMs HTTPS and
serves it's own certificates.</blockquote>
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3815>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs