#8725: resource:// URIs leak information
-------------------------------------------------+-------------------------
Reporter: holizz | Owner: tbb-
Type: defect | team
Priority: Very High | Status:
Component: Applications/Tor Browser | needs_review
Severity: Major | Milestone:
Keywords: tbb-fingerprinting, tbb-rebase- | Version:
regression, tbb-testcase, tbb-firefox-patch, | Resolution:
TorBrowserTeam201606R | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by gk):
{{{
The second one is that shouldLoad is not invoked for redirects. You only
get one call, for the first URL requested. If you let it pass, it can
redirect anywhere without you noticing it.
}}}
https://developer.mozilla.org/en-US/Add-
ons/Overlay_Extensions/XUL_School/Intercepting_Page_Loads
So, my first guess would be that redirects can bypass this blocking
mechanism. Did anybody test this?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8725#comment:27>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
