[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #15502 [Tor Browser]: URI.createObjectURL() considered harmful (was: Blob URIs considered harmful)

Subject: Re: [tor-bugs] #15502 [Tor Browser]: URI.createObjectURL() considered harmful (was: Blob URIs considered harmful)
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 07 Apr 2015 21:12:11 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 07 Apr 2015 17:12:22 -0400
In-reply-to: <049.cf73e12d1d96f648a7b8ceb937bbb35d@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <049.cf73e12d1d96f648a7b8ceb937bbb35d@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#15502: URI.createObjectURL() considered harmful
-------------------------+-------------------------------------------------
     Reporter:           |      Owner:  arthuredelstein
  mikeperry              |     Status:  assigned
         Type:  defect   |  Milestone:
     Priority:  major    |    Version:
    Component:  Tor      |   Keywords:  tbb-linkability, tbb-newnym,
  Browser                |  tbb-4.5-alpha, TorBrowserTeam201504
   Resolution:           |  Parent ID:
Actual Points:           |
       Points:           |
-------------------------+-------------------------------------------------

Comment (by mikeperry):

 Unfortunately, there's another case where this will bite us. The
 mediasource: scheme was created alongside VP9, and is currently used by
 youtube to play VP9 videos. mediasource URIs contain javascript handlers
 created by the MediaSource API, and are created by URI.createObject():
 https://html5-mediasource-api.googlecode.com/svn/tags/0.1/draft-spec
 /mediasource-draft-spec.html#examples

 It's not clear if URI.createObject() in that example is a typo for
 URL.createObjectURL(), or another API. Firefox 37 does not have a
 URI.createObject() or a URL.createObject().

 MediaSource support is currently present but disabled by default in
 Firefox 31. You need to set the prefs 'media.mediasource.enabled' and
 'media.mediasource.webm.enabled' to true in order for mediasource: URIs to
 be created. This means we may be able to get away with disabling
 URI.createObjectURL() for now, but once we hit FF38-ESR, we'll need to
 enable+isolate it, or Youtube will break.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15502#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #15620 [BridgeDB]: Leekspin should be able to create HS descriptors
Next by Author: Re: [tor-bugs] #14958 [Tor]: address/get_if_addrs_ifaddrs and address/get_if_addrs_ioctl fail in FreeBSD jails
Previous by thread: Re: [tor-bugs] #15621 [Tor]: Kill the pre-version 3 intro protocol code with fire.
Next by thread: Re: [tor-bugs] #11600 [Tor]: Strange nameserver fail warning in Tor log
Index(es):
- Author
- Thread