[tbb-bugs] #21340 [Applications/Tor Browser]: Identify and backport new patches from Firefox
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Apr 13 16:58:54 UTC 2017
#21340: Identify and backport new patches from Firefox
-------------------------------------------------+-------------------------
Reporter: arthuredelstein | Owner: tbb-
| team
Type: defect | Status:
| needs_review
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: ff52-esr, TorBrowserTeam201704R, | Actual Points:
tbb-7.0-must-alpha |
Parent ID: | Points:
Reviewer: | Sponsor:
| Sponsor4
-------------------------------------------------+-------------------------
Comment (by gk):
Replying to [comment:19 arthuredelstein]:
> Replying to [comment:18 gk]:
> > Arthur: where are we here given the previous comments? We have the
HSTS/HPKP-related backport to consider. Something else as well?
>
> I have rebased what I had in comment:6 on top of tor/tor-
browser-52.0.2esr-7.0-2, except I left out the SVG patches which I think
we can postpone:
>
> https://github.com/arthuredelstein/tor-browser/commits/21340+5
>
> These include the HSTS/HPKP-related patches, as well as these:
> {{{
> 1315602 Remove the assertion of FirstPartyDomain should be empty in HTTP
redirect
> 1274020 Add a test to show that the DOM Cache is separated by origin
attributes
> 1282655 Add a test case to test whether site permissions are universal
or isolated for each type of OriginAttribute
> 1305144 Spoof referrer when leaving a .onion domain (Tor 17334)
> }}}
I think I don't get to those anymore for 7.0a3. :( We should consider them
for the next alpha.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21340#comment:22>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list