[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #4055 [EFF-HTTPS Everywhere]: HTTPS Everywhere breaks LastPass saved login

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #4055 [EFF-HTTPS Everywhere]: HTTPS Everywhere breaks LastPass saved login
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Tue, 27 Sep 2011 19:57:58 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 27 Sep 2011 15:58:18 -0400
In-reply-to: <047.a5a68e0e9459ea06d47e197d2c3068b1@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.a5a68e0e9459ea06d47e197d2c3068b1@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#4055: HTTPS Everywhere breaks LastPass saved login
----------------------------------+-----------------------------------------
 Reporter:  Kaeltis               |          Owner:  pde
     Type:  defect                |         Status:  new
 Priority:  minor                 |      Milestone:     
Component:  EFF-HTTPS Everywhere  |        Version:     
 Keywords:                        |         Parent:     
   Points:                        |   Actualpoints:     
----------------------------------+-----------------------------------------

Comment(by pde):

 This is an instance of a general bug we have with extensions that make
 HTTP
 requests which HTTPS Everywhere tries to rewrite into HTTPS requests:

 https://trac.torproject.org/projects/tor/ticket/3190

 There are three possible fixes:

 1. We disable the LastPass rule :(

 2. LastPass modifies its code to always use HTTPS, or to be aware of HTTPS
    Everywhere in the same way that the Request Policy extension did:
    https://trac.torproject.org/projects/tor/ticket/1574

 3. Mozilla implements an official request rewriting API so that extensions
    don't have to know about each other.

 We can do 1, but perhaps someone should post in that forum to see if
 LastPass
 woudl like to do 2?

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4055#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #4055 [EFF-HTTPS Everywhere]: HTTPS Everywhere breaks LastPass saved login
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #4055 [EFF-HTTPS Everywhere]: HTTPS Everywhere breaks LastPass saved login
Next by Author: [tor-bugs] #4108 [Tor Client]: Silence warning "Bug: stream (marked at connection_edge.c:2224) sending two socks replies?"
Previous by thread: Re: [tor-bugs] #4055 [EFF-HTTPS Everywhere]: HTTPS Everywhere breaks LastPass saved login
Next by thread: [tor-bugs] #4056 [BridgeDB]: bridgedb tracebacks
Index(es):
- Author
- Thread