#21863: Ensure proxy safety on Android
 Reporter:  gk                                   |          Owner:  sysrqb
     Type:  defect                               |         Status:
                                                 |  accepted
 Priority:  Very High                            |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tbb-mobile, tbb-7.0-must, tbb-       |  Actual Points:
  proxy-bypass, TorBrowserTeam201807             |
Parent ID:  #26531                               |         Points:
 Reviewer:                                       |        Sponsor:
                                                 |  Sponsor4

Comment (by sysrqb):

 Replying to [comment:29 toproxy]:
 > Tor browser for Android compiled from esr60.1 branch in
 [https://git.torproject.org/user/sysrqb/tor-browser.git sysrqb's Tor
 browser repository] is leaking domains of visited websites. Orfox has the
 same proxy config values as TBA but Orfox does not leak DNS. So I've
 decided to test Firefox 52 and found that Firefox 52 leaks DNS just like
 TBA based on esr60. Were not all Orfox patches added to TBA?
 > It appears that this proxy-bypass happens after websites are completely
 loaded. And another thing to note is DNS requests for resources within
 websites are not leaked but that's not always the case.

 Hrm. I think that may be an old build. I'll upload a new one, and I hope
 you can test that and confirm it does not leak.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21863#comment:32>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
tor-bugs mailing list

Reply via email to