[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #2166 [EFF-HTTPS Everywhere]: Provide checkbox "Break sites to provide more security (where possible)"

To: undisclosed-recipients:;
Subject: [tor-bugs] #2166 [EFF-HTTPS Everywhere]: Provide checkbox "Break sites to provide more security (where possible)"
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Mon, 08 Nov 2010 11:26:15 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 08 Nov 2010 06:26:24 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bugs reporting list for trac <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#2166: Provide checkbox "Break sites to provide more security (where possible)"
----------------------------------+-----------------------------------------
 Reporter:  mikeperry             |       Owner:  pde
     Type:  enhancement           |      Status:  new
 Priority:  normal                |   Milestone:     
Component:  EFF-HTTPS Everywhere  |     Version:     
 Keywords:                        |      Parent:     
----------------------------------+-----------------------------------------
 We should add a flag that specifies that an exemption allows site
 functionality at the expense of security. The flag could also be present
 on rules that break functionality in favor of security, and on cookie
 flagging rules that set the secure bit on cookies that still need to be
 transmitted over http in some cases.

 With this syntax, we can then provide a UI option that says "Break sites
 to provide more security (where possible)". When checked, it would also
 disable the code that gives up on https redirects after the redirect limit
 has been reached.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2166>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #2166 [EFF-HTTPS Everywhere]: Provide checkbox "Break sites to provide more security (where possible)"
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #2166 [EFF-HTTPS Everywhere]: Provide checkbox "Break sites to provide more security (where possible)"
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #2165 [Company]: deb.torproject.org outage
Next by Author: [tor-bugs] #2167 [EFF-HTTPS Everywhere]: Block during extension updating process
Previous by thread: Re: [tor-bugs] #2165 [Company]: deb.torproject.org outage
Next by thread: Re: [tor-bugs] #2166 [EFF-HTTPS Everywhere]: Provide checkbox "Break sites to provide more security (where possible)"
Index(es):
- Author
- Thread