[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #11763 [TorBrowserButton]: Double clicking OK button after proxy change disables all security settings

Subject: [tor-bugs] #11763 [TorBrowserButton]: Double clicking OK button after proxy change disables all security settings
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 06 May 2014 07:04:19 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 06 May 2014 03:04:35 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#11763: Double clicking OK button after proxy change disables all security settings
------------------------------+---------------------------
 Reporter:  scissors          |          Owner:  mikeperry
     Type:  defect            |         Status:  new
 Priority:  normal            |      Milestone:
Component:  TorBrowserButton  |        Version:
 Keywords:                    |  Actual Points:
Parent ID:                    |         Points:
------------------------------+---------------------------
 Tested on TorBrowser 3.6 Linux and Windows.

 Steps to reproduce bug:
 * Click Torbutton -> Preferences
 * Select Transparent Torification
 * Double click the OK button (to reliably reproduce bug click as many
 times as you can)

 All security settings are now disabled. The "Are you sure you want to
 enable plugins?" warning pop-up will appear (unless plugins were already
 enabled, or you've ticked the 'Never ask me again' box). Opening up
 Torbutton preferences again and looking at the Security Settings tab shows
 that all four are disabled, about:config confirms they are disabled. The
 full list of disabled settings is:
 * block_disk
 * no_tor_plugins
 * resist_fingerprinting
 * resize_new_windows
 * restrict_thirdparty

 The settings remain disabled even after setting the proxy mode back to
 'recommended'. This bug is independent of whether a transparent proxy is
 actually available or not.

 Because the preferences window freezes for up to several seconds after
 pressing OK when Transparent Torification is selected (presumably as the
 remote check is performed), multiple-clicking the OK button is a natural
 reaction. Clearly this bug is a risk as users (especially those with flash
 already enabled/having clicked 'Never ask me again') are unaware that
 these settings are being disabled and they remain disabled until manually
 changed back.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11763>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #11763 [TorBrowserButton]: Double clicking OK button after proxy change disables all security settings
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #11763 [TorBrowserButton]: Double clicking OK button after proxy change disables all security settings
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #11763 [TorBrowserButton]: Double clicking OK button after proxy change disables all security settings
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #11763 [TorBrowserButton]: Double clicking OK button after proxy change disables all security settings
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #11763 [TorBrowserButton]: Double clicking OK button after proxy change disables all security settings
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #11763 [TorBrowserButton]: Double clicking OK button after proxy change disables all security settings
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #11763 [TorBrowserButton]: Double clicking OK button after proxy change disables all security settings
  - From: Tor Bug Tracker & Wiki

Prev by Author: [tor-bugs] #11762 [- Select a component]: Get Your Body Ripped By Using Max Muscle Lean
Next by Author: Re: [tor-bugs] #11730 [Website]: Please link to the Turkish version of the Tor Browser
Previous by thread: [tor-bugs] #11762 [- Select a component]: Get Your Body Ripped By Using Max Muscle Lean
Next by thread: Re: [tor-bugs] #11763 [TorBrowserButton]: Double clicking OK button after proxy change disables all security settings
Index(es):
- Author
- Thread