-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hello guardian-dev!
In stock Fennec (Firefox for Android), the only way to configure a proxy is via about:config (or the now-deprecated ProxyMob plugin). Currently in Orfox, Orbot's SOCKS proxy is set by default in about:config, and Orbot's HTTP proxy is hard-coded into the Java settings. I have been poking around at Amogh's Orfox branch, and have made a patch set that collect together the various places that the HTTP proxy is hard-coded into a single location [0] (yet to be pulled). (My eventual goal is to help add I2P support to Orfox. Having hard-coded Tor dependencies scattered through the codebase doesn't help me :P ) Amogh pointed me to the existing ProxySelector code [1] and asked that I integrate my patches into this. However, when I looked into it further, I discovered that the ProxySelector code's purpose is that when "use system proxy settings" is selected, Firefox picks up the system proxy configuration from Android's APN or WiFi settings [2]. This got me thinking more broadly about how Orfox will be used. Ideally, we could set the proxy settings in a single place, and they would propagate everywhere. Amogh tells me that it is possible to have the Java layer listen to the Gecko layer. IMHO this should be default behavior and is probably a patch that needs to be sent upstream to Mozilla. But assuming that we _do_ get Orfox to this point, the next issue is how we select the proxy settings, or present them to the user. Do we: - - force Orbot-only (the status quo)? - - leave users to delve around in about:config? - - listen to the system proxy settings? - - support multiple proxies (e.g. .i2p through I2P, .* through Tor)? - - bundle the NetCipher and/or I2P Android client libraries? How development progresses IMHO depends on both of these points. (See the appendix for a braindump on development pathways.) So, my question is: what is Guardian Project's design goal for Orfox? How do you envisage people using it, and how do you envisage them configuring it? str4d [0] https://github.com/str4d/privacy-browser [1] https://dxr.mozilla.org/mozilla-central/source/mobile/android/base/util/ ProxySelector.java [2] https://bugzilla.mozilla.org/show_bug.cgi?id=749352 Appendix: If Orfox is going to only support explicit hard-coded proxies, then the status quo is "sufficient", but hard to maintain. The trivial hack to get the proxy settings right throughout (while keeping them all being set in one place) is to configure "use system proxy settings" via Firefox settings, and modify ProxySelector to reply with the hard-coded proxy settings. That would make building Orfox for use with other proxies or networks easier. If Orfox will be usable as a general privacy-oriented browser that can be used with any anonymity network or proxy (or potentially neither), then extra UI and backend code will be required. I have a feeling that it might be possible to bundle all of this into ProxySelector, but that would mean maintaining separate proxy settings, and explicitly ignoring the Gecko ones (and potentially modifying the C code). Alternatively, the new UI code could set the Gecko proxy settings, but this would necessitate additional code to support multiple proxies at once (or an add-on, but with ProxyMob deprecated it's probably better to have the modifications built-in). -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJVpeMBAAoJEBO17ljAn7PgAp0P/17BmsibjHrrak8FLlVzrzkI IuV4GXd/hziByYrib+ZdZ4HEi5dC8UCmQG7d8lgNfmiHYmPmsys57aucbA2y4zaE 7+LUze8RWje58JUcWVLuO8VsvjiF7+MjsgOIf65fWNdw3JEGONiXFIHtcKJ62iOx eiCSfOM1AUphugvmkiFkpW4GJDNmehI6AP8CV8BP/PZjaVNlXc4e1uCKG0j90xWK p4w3fA/hTfyMatWxyPSzZ6Io70aBS2FRvMHoRfWcqb1nzxpV8LHuhMxS6GVM1Ld/ BemhjYUUBkZHxIZWGEMwG2rVjsijwFS1w4UnaT6ppYCbEfuOGyGgCiBcqa3hR/SL 27p4By9ebNgtbRPTzTyWRF9y0l8s151nDWKrXWEDRUqc+Il06o5MkNQZHlniJNrl AaNy3ZndiEUqCn6aD0xFPTZSDwvomQUpO9LwOMw752NR2mYIHvLTQolncf8JpMmq 9Dmd5VuHud08T3L+3N6AJwrlWBf7kuAwFQq/+jjU1fo5m3F6BZttNCRBHfV9xjKg ZbtX6s3sYxal/rBUHekVZ9iiN7I6pDlono3Wt1Wg/2YKMR5RG5nZarmP8z32g0fO eGyrygdj/VL6jm+h4akEGKhoErrk4tm48uSu/Tam0M9swc5th7cvyZVaSvvLuHYE +oBL5mHYqR5MDZq93KUk =YW0o -----END PGP SIGNATURE----- _______________________________________________ List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To unsubscribe, email: [email protected]
