[tbb-bugs] #22538 [Applications/Tor Browser]: Changing circuit for page with error switches catch-all circuit instead

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Apr 4 09:15:07 UTC 2019

#22538: Changing circuit for page with error switches catch-all circuit instead
 Reporter:  gk                                   |          Owner:  tbb-
                                                 |  team
     Type:  defect                               |         Status:
                                                 |  needs_revision
 Priority:  Medium                               |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tbb-linkability,                     |  Actual Points:
  TorBrowserTeam201904                           |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
Changes (by gk):

 * status:  needs_review => needs_revision
 * keywords:  tbb-linkability, TorBrowserTeam201904R => tbb-linkability,


 Replying to [comment:14 acat]:
 > torbutton uses
 `gBrowser.contentPrincipal.originAttributes.firstPartyDomain` to get the
 active firstPartyDomain to change circuit. This is set to `about.ef2a7dd5
 -93bc-417f-a698-142c3116864f.mozilla` for all about:* pages, including
 about:neterror and about:certerror which are the cases here. So, if I'm
 not wrong, changing the circuit when there is a network or ssl error
 currently changes the circuit for all about:* pages (not the catch-all

 Yes, this behavior is new since Tor Browser 8 (we got that with

 > I did not find an obvious way to get the firstPartyDomain causing the
 error directly from gBrowser.*. Here is a patch that gets it from the url
 parameter that about:neterror and about:certerror has, which is the
 original url causing it:

 Nice idea and I think that works for now at least. Some review comments:

 1) We have been thinking about `const`ification of code as much as
 possible (see: #26184) but we are not there yet. Thus, please use `let`
 for now where you don't have fixed strings. (This means everywhere besides

 2) Please put the `const` at the beginning of the file using a similar
 naming schema as the other `const`s we already have.

 +  const knownErrors = ["about:neterror", "about:certerror"];
 +  const origin = gBrowser.contentPrincipal.origin || '';
 +  if (isAboutFPD && knownErrors.some(x => origin.startsWith(x))) {
 +    try {
 I think it's not needed to determine `origin` for every domain we are
 requesting but only for those that have the about-firstpartydomain. Thus,
 even if the code is slightly more complex please rewrite that to something
 +  if (isAboutFPD) {
 +    let knownErrors = ["about:neterror", "about:certerror"];
 +    let origin = gBrowser.contentPrincipal.origin || '';
 +    if (knownErrors.some(x => origin.startsWith(x))) {
 +      try {

 > Another possibility could be forcing a new circuit always when there are
 network or ssl errors, although I'm not sure if that's desirable.

 Hm, there is the risk of burning a bunch of circuits that way which might
 not help if a website is poorly configured. So, I think I'd rather avoid
 that, at least for now.

 > Also not sure if this is the same as
 https://trac.torproject.org/projects/tor/ticket/25670, since I have only
 seen this behaviour either in neterror or certerror.

 I'd assume so. What would be helpful is figuring out whether we'd fix
 #22513 as well with your patch. If so, we should note this in the commit
 message and close that bug as well.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22538#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list