[tor-bugs] #13670 [Tor Browser]: ensure OCSP & favicons respect URL bar domain isolation
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Mar 24 02:06:31 UTC 2015
#13670: ensure OCSP & favicons respect URL bar domain isolation
-------------------------+-------------------------------------------------
Reporter: | Owner: arthuredelstein
arthuredelstein | Status: needs_revision
Type: defect | Milestone:
Priority: normal | Version:
Component: Tor | Keywords: tbb-4.5-alpha,
Browser | TorBrowserTeam201503R
Resolution: | Parent ID:
Actual Points: |
Points: |
-------------------------+-------------------------------------------------
Comment (by arthuredelstein):
Here's a new version of the patch, which also builds on linux.
https://github.com/arthuredelstein/tor-
browser/commit/e6f769b4c5bfca8b7282627bb420c4c8b757974a
For some reason, the linux version of tor-browser.git wanted to build
libpkix, whereas OS X did not. libpkix is off by default
(security.use_mozillapkix_verification = true) in FF31 and removed
completely by FF34. A new library, mozilla::pkix, is used by default
instead. So I implemented first-party isolation in mozilla::pkix only. In
libpkix a few `isolationKey` arguments are inserted for compatibility with
headers, but all `isolationKeys` are set to NULL.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13670#comment:22>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list