[tor-bugs] #3600 [TorBrowserButton]: Prevent redirects from transmitting+storing cookies+identifiers
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Mon May 7 03:26:45 UTC 2012
#3600: Prevent redirects from transmitting+storing cookies+identifiers
------------------------------+---------------------------------------------
Reporter: mikeperry | Owner: mikeperry
Type: defect | Status: new
Priority: major | Milestone: TorBrowserBundle 2.3.x-stable
Component: TorBrowserButton | Version:
Keywords: tbb-linkability | Parent:
Points: | Actualpoints:
------------------------------+---------------------------------------------
Comment(by mikeperry):
If we decide to prompt, it would say something like "Website
https://bit.ly/foobar wishes to redirect you to
https://trac.torproject.org/projects/tor/ticket/3600. Usually this is
harmless, but in some cases it can be abused through advertising
partnerships to link your identity on one website to your identity on
another website. If the ability of these two websites to cooperate to
track you is a problem, you should click Cancel. Otherwise, click OK."
Cancel would redirect the user to about:blank, and OK would follow the
redirect.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3600#comment:17>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list