[tbb-bugs] #22538 [Applications/Tor Browser]: Changing circuit for page with error switches catch-all circuit instead

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Apr 3 16:42:41 UTC 2019

#22538: Changing circuit for page with error switches catch-all circuit instead
 Reporter:  gk                        |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  tbb-linkability           |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:

Comment (by acat):

 torbutton uses
 `gBrowser.contentPrincipal.originAttributes.firstPartyDomain` to get the
 active firstPartyDomain to change circuit. This is set to `about.ef2a7dd5
 -93bc-417f-a698-142c3116864f.mozilla` for all about:* pages, including
 about:neterror and about:certerror which are the cases here. So, if I'm
 not wrong, changing the circuit when there is a network or ssl error
 currently changes the circuit for all about:* pages (not the catch-all

 I did not find an obvious way to get the firstPartyDomain causing the
 error directly from gBrowser.*. Here is a patch that gets it from the url
 parameter that about:neterror and about:certerror has, which is the
 original url causing it:

 Another possibility could be forcing a new circuit always when there are
 network or ssl errors, although I'm not sure if that's desirable.

 Also not sure if this is the same as
 https://trac.torproject.org/projects/tor/ticket/25670, since I have only
 seen this behaviour either in neterror or certerror.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22538#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list