[tbb-bugs] #19995 [Applications/Tor Browser]: New Identity does not clear HSTS state anymore
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Aug 29 15:13:06 UTC 2016
#19995: New Identity does not clear HSTS state anymore
-------------------------------------------------+-------------------------
Reporter: gk | Owner: tbb-
| team
Type: defect | Status: closed
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution: fixed
Keywords: tbb-newnym, tbb-torbutton, | Actual Points:
GeorgKoppen201608, TorBrowserTeam201608R |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Changes (by gk):
* status: needs_review => closed
* resolution: => fixed
Comment:
Replying to [comment:3 mcs]:
> Replying to [comment:1 gk]:
> > While working on the design document I stumbled over #18589 again and
after looking at it a bit at least the `NEWNYM` issue seemed trivially to
fix. A patch is in my bug_19995_v2
(https://gitweb.torproject.org/user/gk/torbutton.git/commit/?h=bug_19995_v2).
>
> This patch looks good to me.
> I don't know the answers to the questions raised on comment:2, but it
does seem like no data should be written to SiteSecurityServiceState.txt
when in PBM or, as suggested by bugzilla, Mozilla should treat a browser
exit as an exit from PBM.
We have #18589 for fixing the underlying problem and that should be
something for uplifting then, yes. Fixed on maser (commit
6dc853740b0e2be39f17b1a1857f2610de42548c) and maint-1.9.5 (commit
3c04ec4654270f2896db0efffc4bc72edc2e3018).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19995#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list