[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #16269 [meek]: add-on compatibility check occurs repeatedly



#16269: add-on compatibility check occurs repeatedly
------------------------+-----------------
     Reporter:  mcs     |      Owner:  dcf
         Type:  defect  |     Status:  new
     Priority:  normal  |  Milestone:
    Component:  meek    |    Version:
   Resolution:          |   Keywords:
Actual Points:          |  Parent ID:
       Points:          |
------------------------+-----------------

Comment (by dcf):

 Replying to [comment:2 mcs]:
 > Replying to [comment:1 dcf]:
 > > We actually don't want to save network.proxy.socks_remote_dns=false in
 prefs.js; it's meant to be a change in memory only.
 >
 > Hmmm.  I wish there was a way to do this in a less fragile way.  Would
 it be acceptable to use a default preferences file inside the meek HTTP
 extension...

 That's exactly how it works now. The helper browser profile has its own
 prefs that are separate from the normal Tor Browser prefs. (It might
 inherit Tor Browser settings for anything that's unset, I'm not sure, but
 it overrides everything that matters for this ticket.)

 But I want the default in the helper's prefs to be
 network.proxy.socks_remote_dns=true, because that's a safe setting if
 something goes wrong (like the extension fails to load) and the headless
 browser unexpectedly appears on screen. If that happens, we at least want
 the browser to be non-functional (which it is, thanks to a default
 blackhole proxy setting) and not leak DNS (which it does not, thanks to
 network.proxy.socks_remote_dns=true). The main idea is that ''only'' the
 extension should be able to disable the safe default and make local DNS
 requests, because the extension knows what it's doing.

 We used to have network.proxy.socks_remote_dns=false, an unsafe fallback,
 but changed it in #12674. (I meant to link to #12674 in comment:1 but
 messed it up.) The way it works now is intended to make it so that if
 something breaks, it breaks in a safe way.
   https://gitweb.torproject.org/builders/tor-browser-bundle.git/tree
 /Bundle-Data/PTConfigs/meek-http-helper-
 user.js?id=0119a3c15711a66c76496d6e8e55511782140ec1#n21

 In sum, we want to save the updated prefs after an upgrade (to solve this
 ticket), but we don't want to save network.proxy.socks_remote_dns=false.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16269#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs