[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: A warning to proxy writers

On Thu, Apr 21, 2005 at 05:54:15AM -0400, Roger Dingledine wrote:
| On Tue, Apr 19, 2005 at 10:25:36AM +0100, Adam Langley wrote:
| > If the user doesn't have every protocol proxyied then an image link to
| > https:// or ftp:// etc could cause a non-Tor connection.
| Hi Adam,
| This is a nice list. Can you confirm that common browsers will
| automatically load a ftp:// image link? If so, we should really
| consider how to deal with that. :}

Get the firefox guys to start adding integration features.

Justification:  Browsers are big, complex bits of software, which will
do surprising things.  Some of those things, like "load an image via
ftp," are configurable, or handle-able by a proxy.  In other cases,
(flash, or javascript, which is now part of PDF) the proxy potentially
has to deal with the covert channel problem.  Things get easier if the
browser participates in protecting people's privacy.