[tor-bugs] #7638 [Tor]: defect: the 'window.name' attribute is traceable across sites

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Dec 5 03:39:53 UTC 2012 

#7638: defect: the 'window.name' attribute is traceable across sites
------------------------------+---------------------------------------------
 Reporter:  WDXfjqDN4QKGYrlY  |          Owner:                               
     Type:  defect            |         Status:  new                          
 Priority:  major             |      Milestone:  TorBrowserBundle 2.3.x-stable
Component:  Tor               |        Version:  Tor: 0.2.2.39                
 Keywords:  window.name tab   |         Parent:                               
   Points:                    |   Actualpoints:                               
------------------------------+---------------------------------------------
 On a fresh install of tor-browser-gnu-linux-x86_64-2.3.25-1-dev-en-US and
 going to http://ip-check.info/?lang=en reveals that (when javascript is
 enabled, which is the default) the window.name attribute is traceable
 across sites.

 This issue was first seen in 'tor-browser-gnu-linux-x86_64-2.2.39-5-dev-
 en-US'.
 It did not seem to occur in versions prier to 'tor-browser-gnu-linux-
 x86_64-2.2.39-5-dev-en-US'.

 Attribute:Tab name
 Value:"window.name" is traceable. Your unique ID: 2372370
 Rating:bad

 Pop-up help text when hovering over the 'Attribute' text:
 Using the attribute "window.name", a website may give the current tab a
 name. The attribute "window.name" may get misued for marking your current
 tab. It remains the same over several websites until a site you visit sets
 a new value.

 Pop-up help text when hovering over the 'Value' text:
 Recommended: The name of the current tab should be deleted once you are
 surfing to a new website domain.

 Firefox: Use the JonDoFox or Torbutton profile.
 Chrome: Use the extension "window name eraser".

 You may delete its value also by closing this browser tab.

 Pop-up help text when hovering over the 'Rating' text:
 Your browser may get traced over your current tab.

 Reproduction:
 0) download and extract 'tor-browser-gnu-linux-x86_64-2.2.39-5-dev-en-US'
 or any Tor Browser Bundle released since that version.
 1) Start up Tor Browser with 'start-tor-browser' in 'tor-browser_en-US'
 2) Proceed to: 'http://ip-check.info/?lang=en'
 3) Click on the text "START TEST! Please click here to start the full
 anonymity test IP check and see all results."
 4) Examine the attribute 'Tab name'.

 Note that in previous versions of the Tor Browser Bundle this attribute is
 not traceable.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7638>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list