[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #21537 [Applications/Tor Browser]: Consider ignoring secure cookies for .onion addresses

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #21537 [Applications/Tor Browser]: Consider ignoring secure cookies for .onion addresses
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 13 Apr 2018 17:04:51 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 13 Apr 2018 13:05:02 -0400
In-reply-to: <045.0ace2f07d0081bc1f7f33253ec7a9ae4@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <045.0ace2f07d0081bc1f7f33253ec7a9ae4@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#21537: Consider ignoring secure cookies for .onion addresses
-------------------------------------------------+-------------------------
 Reporter:  micah                                |          Owner:  gk
     Type:  enhancement                          |         Status:
                                                 |  needs_review
 Priority:  Medium                               |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tbb-usability,                       |  Actual Points:
  TorBrowserTeam201804R, GeorgKoppen201804       |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------
Changes (by gk):

 * status:  assigned => needs_review
 * keywords:  tbb-usability, TorBrowserTeam201804, GeorgKoppen201804 => tbb-
     usability, TorBrowserTeam201804R, GeorgKoppen201804


Comment:

 Okay, how is `bug_21537_v4` (https://gitweb.torproject.org/user/gk/tor-
 browser.git/log/?h=bug_21537_v4)? Returning a boolean value made this
 slightly more complicated as we actually have more than two values to
 consider due to the telemtry part. But as we don't want to have the latter
 anyway, I just ripped it out. We can revisit that when we think we want to
 upstream that patch but that's a bit in the future as I am not sure
 whether Mozilla would take it right now anyway. There is no easy way
 around the HTTPS = secure equation for cookies I am afraid...

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21537#comment:17>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #25627 [Core Tor/Torsocks]: tsocks_gethostbyaddr_r scribbles garbage over data->hostname and then relies on it
Next by Author: Re: [tor-bugs] #23121 [Applications/Torbutton]: Allow adding "New tor circuit" icon to the toolbar
Previous by thread: Re: [tor-bugs] #21537 [Applications/Tor Browser]: Consider ignoring secure cookies for .onion addresses
Next by thread: Re: [tor-bugs] #21537 [Applications/Tor Browser]: Consider ignoring secure cookies for .onion addresses
Index(es):
- Author
- Thread