[tor-bugs] #26832 [Applications/Tor Check]: Allow use of https://check.torproject.org/api/ip by content
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jul 18 17:25:24 UTC 2018
#26832: Allow use of https://check.torproject.org/api/ip by content
------------------------------------+------------------------------
Reporter: arthuredelstein | Owner: arlolra
Type: defect | Status: needs_review
Priority: Medium | Milestone:
Component: Applications/Tor Check | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
------------------------------------+------------------------------
Comment (by arma):
I wonder if there are surprising safety implications to users if we do
this.
Maybe we want to do it more explicitly, by making a new "check-
api.torproject.org" site that is more clearly separate, and just serves
that one thing?
I can also see the conflict between "we should use all of our own tools
where we can" and "we should stop making even more per-site exceptions to
our webserver security rules".
For example, would some other site like
https://wtfismyip.com/text
do the demo job just as well?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26832#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list