[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #12620 [Tor Browser]: Rebase TBB patches to Firefox 31 and add unit tests
#12620: Rebase TBB patches to Firefox 31 and add unit tests
-------------------------+-------------------------------------------------
Reporter: gk | Owner: tbb-team
Type: task | Status: new
Priority: major | Milestone:
Component: Tor | Version:
Browser | Keywords: TorBrowserTeam201408D, ff31-esr,
Resolution: | tbb-rebase, tbb-firefox-patch
Actual Points: | Parent ID:
Points: |
-------------------------+-------------------------------------------------
Comment (by arthuredelstein):
Replying to [comment:17 gk]:
> 1) What is the rationale for including the patch for #2874 into ESR 31?
Reading #2874 it seems to me the issue is resolved in ESR 31 by Mozilla
itself and comment:16:ticket:2874 does not convince me (yet) as there are
numerous ways to distinguish ESR 24 and ESR 31 users and we don't aim at
making them undistinguishable. I'd like to see the patches we need as a
kind of roadmap of things still in need of getting upstreamed and I wonder
how the patch in question would fit into that picture (but, admittedly,
maybe the picture is wrong to begin with)...
A comment in the Mozilla code suggests that Components.interfaces will be
removed at some point in the future, so in a sense this will be
upstreamed. But I see your point that we can't hope to make ESR24 and
ESR31 indistinguishable. So I think I'm persuaded that this patch can be
removed. I'll add a revert commit.
> 2) I wonder whether we should still include the patch for #5741. For
one, Mozilla fixed that leak
(https://bugzilla.mozilla.org/show_bug.cgi?id=751465). Then, we added a
unit test making sure that nothing gets backed out wrt the WebSocket
protocol which leads to another round of DNS bypassing tor
(https://bugzilla.mozilla.org/show_bug.cgi?id=971153).
Very nice!
> Now, we can even observe the respective notification in Torbutton to be
extra sure that no leaks happening (might be a good QA thing...).
Definitely. Is there a ticket for this?
> The only argument for including the patch in ESR 31 I currently can come
up with is that ws:// is the only protocol currently being tested in the
unit test. If that is a show-stopper, fair enough (I planned to add tests
for the remaining non-internal protocols + getting them merged into ESR
38).
Maybe open a ticket for those additional unit tests? Happy to revert this
patch if you think it's not needed.
Thanks for your help! :)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12620#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs