#10394: Torbrowser's updater updates HTTPS-everywhere -------------------------------------------------+------------------------- Reporter: StrangeCharm | Owner: tbb- | team Type: task | Status: | needs_information Priority: Medium | Milestone: Component: Applications/Tor Browser | Version: Severity: Normal | Resolution: Keywords: tbb-security, https-everywhere, | Actual Points: TorBrowserTeam202006R | Parent ID: | Points: Reviewer: gk | Sponsor: -------------------------------------------------+-------------------------
Comment (by rustybird): Replying to [comment:44 gk]: > Maybe we could include this patch as part of our "don't block our unsigned extensions" patch where HTTPS-Everywhere is the only extension left anyway. Would be easy to make this to an "treat https-e special" patch. If the [https://lists.torproject.org/pipermail/tbb- dev/2017-April/000530.html plan] still is to eventually disable NoScript updates too, then it might be simpler to keep the patch separate and later add a fixup checking for the NoScript ID as well. Just a thought. > rustybird: have you checked whether the ruleset updates are unaffected by your patch Yes, they still work: There are connections to `www.https- rulesets.org:443` and `securedrop.org:443`. And when I start with an old HTTPS Everywhere version that includes an outdated ruleset, the `rulesets- timestamp` fields in `browser-extension-data/https-everywhere- e...@eff.org/storage.js` show that those updates are applied. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10394#comment:45> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs