#25090: Make sure IPFS & co in addons are shoved up through Tor and don't leak in ESR60 ----------------------------------------+---------------------------- Reporter: cypherpunks | Owner: tbb-team Type: defect | Status: closed Priority: Medium | Milestone: Component: Applications/Tor Browser | Version: Severity: Normal | Resolution: worksforme Keywords: ff60-esr, tbb-proxy-bypass | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: ----------------------------------------+---------------------------- Changes (by gk):
* status: new => closed * resolution: => worksforme Comment: I think we are good right now. There is no TCP/UDP Socket API available for WebExtensions yet (see: https://bugzilla.mozilla.org/show_bug.cgi?id=1247628) so, this risk is ruled out. You can register those protocols with protocol handlers (see: https://developer.mozilla.org/en-US/docs/Mozilla/Add- ons/WebExtensions/manifest.json/protocol_handlers) but that's a web based mechanism, so that should be fine. That said: even if extensions which implemented/supported those protocols *would* bypass Tor then I think this would fall under our strong recommendation to not install third-party extensions as they can compromise your privacy/anonymity. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25090#comment:5> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs