[tbb-bugs] #3600 [Applications/Tor Browser]: Prevent redirects from transmitting+storing cookies+identifiers

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Jun 11 08:22:16 UTC 2018

#3600: Prevent redirects from transmitting+storing cookies+identifiers
 Reporter:  mikeperry                            |          Owner:  tbb-
                                                 |  team
     Type:  defect                               |         Status:  new
 Priority:  High                                 |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Major                                |     Resolution:
 Keywords:  tbb-linkability, tbb-testcase, tbb-  |  Actual Points:
  torbutton                                      |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:

Comment (by gk):

 Mike pointed me to https://webkit.org/blog/8311/intelligent-tracking-
 prevention-2-0/ which has among other interesting features a tracking
 redirect detection mechanism:
 ITP 2.0 has the ability to detect when a domain is solely used as a “first
 party bounce tracker,” meaning that it is never used as a third party
 content provider but tracks the user purely through navigational
 It would be interesting for us investigating whether that is something we
 could/should use as well. After digging a  bit it seems this is
 implemented in the open source WebKit part. E.g.
 https://bugs.webkit.org/show_bug.cgi?id=182664 seems to be relevant and
 the whole Resource Load Statistics part.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3600#comment:36>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list