[tbb-bugs] #22814 [Applications/Tor Browser]: Disable clipboard.autocopy in Tor Browser

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Jul 5 13:06:33 UTC 2017

#22814: Disable clipboard.autocopy in Tor Browser
 Reporter:  pqrst                     |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Major                     |     Resolution:
 Keywords:                            |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:

Comment (by pqrst):

 Here is a more complete description of what is happening:

 1. You are viewing a website Foo in Tor Browser. You now want to navigate
 to site Bar. Instead of opening a new tab, you select the old URL
 (foo.com) in the address bar, delete it and enter bar.com instead. If
 `clipboard.autocopy` is enabled in the configuration (which it is by
 default), this will copy foo.com to the clipboard.

 2. You are done looking at Bar and create a new identity in Tor Browser in
 order to clean up your browsing session. foo.com is still on the clipboard
 (although it will be cleared if Tor Browser is closed completely).

 3. In a separate non-Tor Firefox window you middleclick on something that
 is not a link (I do this by accident quite often). If
 `middlemouse.contentLoadURL` is enabled (which it is by default), this
 will cause Firefox to load the URL currently on the clipboard (foo.com).
 This means that your IP address is revealed to foo.com, and the fact that
 you visited foo.com is revealed to your ISP and anyone looking over your

 Apparently this is a general Firefox on UNIX issue that has been debated
 for 11 years: https://bugzilla.mozilla.org/show_bug.cgi?id=366945 . It
 appears that some people actually consider this a feature.

 My recommendations are:
 1. Make `clipboard.autocopy` false by default. This is an OK behavior for
 mainline Firefox, but in Tor Browser it is a security concern. Especially
 since many (most?) users don't even know that everything that is selected
 with the mouse, even just for the purpose of deleting it, automatically
 ends up on the clipboard. Users who use this feature often can manually
 enable it in the configuration.
 2. Clear the clipboard when creating a new identity.

 I would also argue that `middlemouse.contentLoadURL` should be disabled by
 default, but that's a separate issue.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22814#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list