[tor-bugs] #2166 [EFF-HTTPS Everywhere]: Provide checkbox "Break sites to provide more security (where possible)"
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Mon Nov 8 11:26:15 UTC 2010
#2166: Provide checkbox "Break sites to provide more security (where possible)"
----------------------------------+-----------------------------------------
Reporter: mikeperry | Owner: pde
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Keywords: | Parent:
----------------------------------+-----------------------------------------
We should add a flag that specifies that an exemption allows site
functionality at the expense of security. The flag could also be present
on rules that break functionality in favor of security, and on cookie
flagging rules that set the secure bit on cookies that still need to be
transmitted over http in some cases.
With this syntax, we can then provide a UI option that says "Break sites
to provide more security (where possible)". When checked, it would also
disable the code that gives up on https redirects after the redirect limit
has been reached.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2166>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list