[tbb-bugs] #5752 [Tor Browser]: Isolate browser streams by url bar domain rather than by time interval

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Nov 4 04:11:16 UTC 2014

#5752: Isolate browser streams by url bar domain rather than by time interval
     Reporter:  arma     |      Owner:  tbb-team
         Type:  project  |     Status:  closed
     Priority:  normal   |  Milestone:
    Component:  Tor      |    Version:
  Browser                |   Keywords:  SponsorZ, tor-client, tbb-firefox-
   Resolution:  fixed    |  patch, TorBrowserTeam201410
Actual Points:           |  Parent ID:
       Points:           |

Comment (by arma):

 Replying to [comment:7 mikeperry]:
 > isis just noted in #tor-dev that Tor retries failed DNS queries on other
 circuits. It appears that we do this for failed stream attempts too. I
 agree that's a bad property because it allows a web adversary to cause
 your browser to keep making new circuits until you pick one that uses its
 middle node.
 > We should ensure we disable this "retry on new circuit" behavior for
 content elements of a given URL bar, so that at least content elements
 don't get to cause you to create tons of circuits. Once a circuit can load
 a top-level url correctly, it should be considered reliable enough not to
 abandon if a DNS or other stream times out. This might actually require a
 new Tor child ticket and patch, though...
 > It's not clear what (if anything) we should change about the initial URL
 bar load behavior, though. Perhaps it is safe to remain unchanged, because
 Tor would at least rate limit that properly before failing the page load.

 Was there a resolution for this part of the issue?

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5752#comment:20>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list