#30429: Rebase Tor Browser patches for Firefox ESR 68 -------------------------------------------------+------------------------- Reporter: gk | Owner: tbb- | team Type: task | Status: | needs_revision Priority: Very High | Milestone: Component: Applications/Tor Browser | Version: Severity: Normal | Resolution: Keywords: ff68-esr, tbb-9.0-must-alpha, | Actual Points: TorBrowserTeam201909 | Parent ID: | Points: 1 Reviewer: | Sponsor: | Sponsor44-can -------------------------------------------------+-------------------------
Comment (by gk): Replying to [comment:8 acat]: [snip] > == [DROP? might not be needed -> check] > {{{ > + 988d41acfaca Bug 26456: HTTP .onion sites inherit previous page's certificate information > }}} That's not clear yet, probably we don't need it. However, the current state of our rebased .onion security expectations needs improvements. Right now if you load an http:// .onion (you could pick one from https://onion.torproject.org) the proper icon is shown in the URL bar. But: clicking on the info box shows that the connection is not secure which is a regression to the stable series. `URICanBeConsideredSecure()` (in security/manager/ssl/nsSecureBrowserUIImpl.cpp) seems to be suspicious here as it does not care about .onion or not. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30429#comment:64> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs