[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #9901 [TorBrowserButton]: DoS of TBB when no Content-Type header and more than 512 bytes of content are sent
#9901: DoS of TBB when no Content-Type header and more than 512 bytes of content
are sent
-------------------------+-------------------------------------------------
Reporter: sqrt2 | Owner: mikeperry
Type: defect | Status: reopened
Priority: normal | Milestone:
Component: | Version:
TorBrowserButton | Keywords: tbb-usability, interview, tbb-crash
Resolution: | Parent ID:
Actual Points: |
Points: |
-------------------------+-------------------------------------------------
Comment (by gk):
Replying to [comment:79 mikeperry]:
> Btw, the right fix here could knock out #1079 and possibly also #7439.
See #7439 for suggestions on the message text, and #10482 for some other
usability complaints about the current dialog.
I've been thinking about this over the weekend. This issue bugs amany of
our users (there are a lot of possible duplicates floating around, there
are reports on IRC, etc.) but the right fix won't be available easily.
What if we use this ticket as (another) stopgap for the 3.6 release (which
is probably within the next two weeks) and doing either a fix a la comment
75 or by hooking the console service to get rid of the error messages. The
real fix as mentioned in comment 74 would then be saved for #1079. This
way, we have time to design this properly while avoiding unnecessary
browser freezes which can be super annoying.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9901#comment:80>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs