[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #2193 [EFF-HTTPS Everywhere]: Facebook <securecookie> rules break apps
#2193: Facebook <securecookie> rules break apps
-----------------------------------+----------------------------------------
Reporter: pde | Owner: pde
Type: defect | Status: closed
Priority: blocker | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Resolution: implemented | Keywords:
Parent: |
-----------------------------------+----------------------------------------
Changes (by pde):
* status: new => closed
* resolution: => implemented
Comment:
The workaround for 0.3.0 is to move the Facebook <securecookie> rules,
along with an http://apps.facebook.com -> https://apps.facebook.com rule,
into an optional, off-by-default Facebook+ ruleset. That ruleset either
(1) breaks Facebook apps, or (2) may require you to accept a
www.facebook.com cert for apps.facebook.com, depending on your
persepective.
Facebook have told us that this problem will eventually go away, but they
can't commit to a timeline. When that happens, the Facebook+ ruleset can
be merged back into the main one.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2193#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs