[tor-bugs] #21537 [Applications/Tor Browser]: Consider ignoring secure cookies for .onion addresses
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Apr 13 17:04:51 UTC 2018
#21537: Consider ignoring secure cookies for .onion addresses
-------------------------------------------------+-------------------------
Reporter: micah | Owner: gk
Type: enhancement | Status:
| needs_review
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-usability, | Actual Points:
TorBrowserTeam201804R, GeorgKoppen201804 |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Changes (by gk):
* status: assigned => needs_review
* keywords: tbb-usability, TorBrowserTeam201804, GeorgKoppen201804 => tbb-
usability, TorBrowserTeam201804R, GeorgKoppen201804
Comment:
Okay, how is `bug_21537_v4` (https://gitweb.torproject.org/user/gk/tor-
browser.git/log/?h=bug_21537_v4)? Returning a boolean value made this
slightly more complicated as we actually have more than two values to
consider due to the telemtry part. But as we don't want to have the latter
anyway, I just ripped it out. We can revisit that when we think we want to
upstream that patch but that's a bit in the future as I am not sure
whether Mozilla would take it right now anyway. There is no easy way
around the HTTPS = secure equation for cookies I am afraid...
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21537#comment:17>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list