[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #10394 [Applications/Tor Browser]: Torbrowser's updater updates HTTPS-everywhere
#10394: Torbrowser's updater updates HTTPS-everywhere
-------------------------------------------------+-------------------------
Reporter: StrangeCharm | Owner: tbb-
| team
Type: task | Status:
| needs_information
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-security, https-everywhere, | Actual Points:
TorBrowserTeam202006R |
Parent ID: | Points:
Reviewer: gk | Sponsor:
-------------------------------------------------+-------------------------
Changes (by gk):
* status: needs_review => needs_information
Comment:
Replying to [comment:40 rustybird]:
> Here's a small patch.
>
> I tested it on top of TB 9.0.10 (rezipped omni.ja), with
`extensions.update.interval` set to `60` seconds, by watching requests via
`SETEVENTS STREAM` on a tor control port: The eff.org version check ping
is gone. It's even more obvious if the NoScript ID is added to the patch
as well, then there's no update traffic at all.
The permission path is an interesting idea. I had some hope we could get
this ticket fixed without carrying yet another patch for it with us but I
like the UX changes etc. we basically get for free with it. Plus no
changes needed to the extension whatsoever and no weird console error
messages either.
Maybe we could include this patch as part of our "don't block our unsigned
extensions" patch where HTTPS-Everywhere is the only extensions left
anyway.
rustybird: have you checked whether the ruleset updates are unaffected by
your patch (because those are updates we want to keep getting)?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10394#comment:44>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs