[tor-bugs] #13742 [Tor Browser]: Isolating the cache to the URL bar domain is broken in Tor Browser 4.x
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Nov 12 19:29:38 UTC 2014
#13742: Isolating the cache to the URL bar domain is broken in Tor Browser 4.x
-----------------------------+-----------------------------
Reporter: gk | Owner: tbb-team
Type: defect | Status: new
Priority: critical | Milestone:
Component: Tor Browser | Version:
Resolution: | Keywords: tbb-linkability
Actual Points: | Parent ID:
Points: |
-----------------------------+-----------------------------
Comment (by gk):
The new cache backend introduced in
https://bugzilla.mozilla.org/show_bug.cgi?id=913807 is not active in ESR
31 (see #13035 for looking at it for ESR 38). However, that bug did not
only provide a new backend but rather a lot of cache logic changes as
well. And those changes are not disabled. It turns our that this breaks
our cache isolation patch.
Now there is no `OpenNormalCacheEntry()` anymore constructing an
`HTTPCacheQuery` with our modified `cacheKey`. We now only have
`AsyncOpenURI()` which adds either a POST ID or nothing (see:
https://mxr.mozilla.org/mozilla-
esr31/source/netwerk/protocol/http/nsHttpChannel.cpp#2614). We need to
modify its second parameter adding the URL bar domain it seems. I have not
looked if that is sufficient to catch all corner cases though (redirects?
favicons?)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13742#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list