Thus spake Drake Wilson (drake@xxxxxxxxxxxx): > > Heh, it turns out this has the same problem, at least with Pidgin. > > torhttp://link.com still creates an http hyperlink that when clicked > > on directly would be loaded outside of Tor. > > > > httptor://link.com does not create a hyperlink, though.. Nor does > > http+tor://link.com. > > Dear gods. > > Okay, I suppose that probably means that horse has already bolted. > This is sad. I tentatively retract my suggestion in light of that. Well I think that specifying that urls are technically officially supposed to be http+tor://, but that the http+ can be omitted gives us the best of both worlds. These urls seem to be then treated mostly correctly by dumb link parsers, because they will just become tor:// links if parsed, which would then work as normal. The exception is that https+tor:// may then be treated as just a tor:// url by a link parser, which effectively converts it into a torrified http url, dropping vital ssl support. Hence, I think we should also provide tors:// as an "unofficial" backup scheme for these cases. So no, your suggestion wasn't totally busted. It just required lots of attempts to make it actually be practical. :) -- Mike Perry Mad Computer Scientist fscked.org evil labs
Attachment:
pgpRzAqUH9wti.pgp
Description: PGP signature