[tor-bugs] #2413 [EFF-HTTPS Everywhere]: HTTPS Everywhere for Chrome
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Wed Jan 19 20:18:56 UTC 2011
#2413: HTTPS Everywhere for Chrome
----------------------------------+-----------------------------------------
Reporter: aaronsw | Owner: pde
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Keywords: | Parent:
----------------------------------+-----------------------------------------
Comment(by aaronsw):
Another feature could be to ensure all cookies are SSL-only where possible
(I assume there's API support for that). This combined with the quick
redirect could protect against wo0dh3ad-style attacks. Any time you
followed a non-SSL link no cookies would be sent and any time you saw a
form it'd have to be on an SSL page, since you'd be redirected.
Also, I presume if this is developed much of the code and infrastructure
can be reused for a Safari version.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2413#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list