[tor-bugs] #22343 [Applications/Tor Browser]: Save as... in the context menu results in using the catch-all circuit
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Nov 12 18:19:31 UTC 2018
#22343: Save as... in the context menu results in using the catch-all circuit
-------------------------------------------------+-------------------------
Reporter: gk | Owner:
| arthuredelstein
Type: defect | Status:
| needs_review
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Major | Resolution:
Keywords: tbb-linkability, tbb-usability, | Actual Points:
ff52-esr, tbb-7.0-must, tbb-7.0-issues, tbb- |
regression, tbb-7.0-frequent, |
TorBrowserTeam201811R |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by arthuredelstein):
Replying to [comment:61 gk]:
> Replying to [comment:59 arthuredelstein]:
> > Replying to [comment:56 gk]:
> > > 2) From looking at he code in `ContentClick.jsm` It seems we might
be able to trigger `window.openLinkIn(json.href, where, params);` which
could lead to false FPI in the `save` case (see the: `// Todo(903022):
code for where == save`) or is that just a leftover comment and we are
actually good?
> >
> > This was a good catch. I found I needed to patch the `saveURL`
function in `browser/base/content/utilityOverlay.js`.
>
> Where you able to trigger this bug in a browsing sesssion? If so, how? I
tried quite a bit to verify my suspicion after reading the code, but
failed.
Actually, I wasn't. I can try further. Regardless, I think we should patch
the file because the signature of `saveURL` has changed.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22343#comment:62>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list