[tor-bugs] #7540 [EFF-HTTPS Everywhere]: Breaks certain links and forms at SnapNames

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Dec 17 23:56:12 UTC 2012


#7540: Breaks certain links and forms at SnapNames
-------------------------------------+--------------------------------------
    Reporter:  subsection1t          |       Owner:  pde   
        Type:  defect                |      Status:  closed
    Priority:  normal                |   Milestone:        
   Component:  EFF-HTTPS Everywhere  |     Version:        
  Resolution:  fixed                 |    Keywords:        
      Parent:                        |      Points:        
Actualpoints:                        |  
-------------------------------------+--------------------------------------
Changes (by pde):

 * cc: MB, admin@… (added)
  * status:  new => closed
  * resolution:  => fixed


Comment:

 I think this is a securecookie bug.  Which is weird, because
 moniker.snapnames.com is being successfully rewritten from HTTP to HTTPS.
 This is probably evidence of a security vulernability in the snapnames
 site.

 Anyway, we're going to disable the securecookie directives in the next
 release of HTTPS Everywhere.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7540#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list