[tor-bugs] #7510 [EFF-HTTPS Everywhere]: vk.com encrypted login fails
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Dec 11 03:59:40 UTC 2012
#7510: vk.com encrypted login fails
----------------------------------+-----------------------------------------
Reporter: Donarsson | Owner: MB
Type: defect | Status: assigned
Priority: major | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Keywords: | Parent:
Points: | Actualpoints:
----------------------------------+-----------------------------------------
Comment(by dtauerbach):
When trying to sign up (with HTTPS E enabled):
[19:21:24.202] POST http://vk.com/join.php [HTTP/1.1 200 OK 377ms]
[19:21:24.634] GET
http://vk.com/join.php?__query=join&act=school&al=-1&al_id=0&_rndVer=28245
[HTTP/1.1 200 OK 310ms]
[19:21:24.992] GET
http://vk.com/join.php?__query=join&al=-1&al_id=0&_rndVer=64 [HTTP/1.1 200
OK 291ms]
[19:21:25.373] GET
https://hvk.com/?role=al_frame&_origin=http://vk.com&ip_h=187515839092cac5fe
[HTTP/1.1 302 Found 354ms]
[19:21:25.375] GET
http://counter.yadro.ru/hit?r;s1366*768*24;uhttp%3A//vk.com/join;0.09252922008098585
[HTTP/1.1 200 OK 1079ms]
[19:21:25.377] GET
https://sb.scorecardresearch.com/p?c1=2&c2=13765216&c3=&c4=http%3A//vk.com/join&c5=&c9=c15=&cv=2.0&cj=1&rn=0.49716923597375084
[HTTP/1.1 200 OK 96ms]
[19:21:25.479] GET
https://sb.scorecardresearch.com/p?c1=2&c2=13765216&c3=&c4=http%3A//vk.com/join&c5=&c9=c15=&cv=2.0&cj=1&rn=0.49716923597375084
[HTTP/1.1 200 OK 99ms]
[19:21:25.708] GET https://vk.com/login.php?act=slogin&auto=1&to=&s=0
[HTTP/1.1 200 OK 331ms]
[19:21:25.994] Error: Permission denied to access property '__qlClear' @
https://vk.com/login.php?act=slogin&auto=1&to=&s=0:7
Without:
[19:34:12.771] POST http://vk.com/join.php [HTTP/1.1 200 OK 332ms]
[19:34:12.774] GET http://st0.userapi.com/images/upload_inv.gif [HTTP/1.1
200 OK 1179ms]
[19:34:13.137] GET
http://vk.com/join.php?__query=join&act=school&al=-1&al_id=0&_rndVer=45308
[HTTP/1.1 200 OK 272ms]
[19:34:13.404] Error in parsing value for 'filter'. Declaration dropped.
@ http://st0.userapi.com/css/al/tooltips.css?69:12
[19:34:13.404] Unknown property '-moz-box-shadow'. Declaration dropped. @
http://st0.userapi.com/css/al/tooltips.css?69:119
[19:34:13.404] Error in parsing value for 'width'. Declaration dropped. @
http://st0.userapi.com/css/al/tooltips.css?69:173
[19:34:13.405] Unknown property '-moz-border-radius'. Declaration
dropped. @ http://st0.userapi.com/css/al/tooltips.css?69:407
[19:34:13.646] GET http://st0.userapi.com/images/join/school_f.gif
[HTTP/1.1 200 OK 612ms]
[19:34:13.647] GET
http://counter.yadro.ru/hit?rhttp%3A//vk.com/join;s1366*768*24;uhttp%3A//vk.com/join%3Fact%3Dschool;0.7846443111473903
[HTTP/1.1 200 OK 693ms]
[19:34:13.648] GET
https://sb.scorecardresearch.com/p?c1=2&c2=13765216&c3=&c4=http%3A//vk.com/join%3Fact%3Dschool&c5=&c9=http%3A//vk.com/joinc15=&cv=2.0&cj=1&rn=0.635765525099055
[HTTP/1.1 200 OK 380ms]
[19:34:13.700] GET
https://sb.scorecardresearch.com/p?c1=2&c2=13765216&c3=&c4=http%3A//vk.com/join%3Fact%3Dschool&c5=&c9=http%3A//vk.com/joinc15=&cv=2.0&cj=1&rn=0.635765525099055
[HTTP/1.1 200 OK 375ms]
[19:34:13.701] GET http://st0.userapi.com/images/ddtooltip.png [HTTP/1.1
200 OK 419ms]
The requests seem pretty different, and I'm not sure where the URI with
"login.php" comes from. My inclination is to disable the ruleset for now,
and let the ruleset author (MB) work on it.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7510#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list