[tor-bugs] #31144 [Applications/Tor Browser]: ESR68 Network Code Review

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Oct 17 20:56:49 UTC 2019 

#31144: ESR68 Network Code Review
-------------------------------------------------+-------------------------
 Reporter:  pili                                 |          Owner:  tbb-
                                                 |  team
     Type:  task                                 |         Status:
                                                 |  needs_review
 Priority:  Very High                            |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  TorBrowserTeam201910R, tbb-9.0       |  Actual Points:
  -must-alpha, tbb-proxy-bypass                  |
Parent ID:                                       |         Points:  10
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by sysrqb):

 I pushed `bug31144_04` which contains fixups for the missed:

 >> GeckAppShell has many wrappers to create inputstreams from
 URLConnections (but these may need to be opened first?)
 > This seems like it's only local connections (but it has the potential of
 bypassing the proxy). Specifically, this is used as a protocol handler for
 android: URIs. We can reject connections for now, and come back to this.

 and

 >> GeckoActionProvider.downloadImageForIntent uses
 java.net.URL.openStream()
 > Same here.

 and


 >>>> CustomTabsActivity.performPendingIntent - again, hard to tell what is
 happening here
 >>> These seem like they could be arbitrary actions.
 >> Hrmm.. should we patch that somehow, or assume it is handled when the
 Intent is finally delivered?
 > I'd rather break this functionality at this point. Someone can change
 the default browser on their device to Tor Browser under the assumption
 that CustomTabs are proxy-safe and other apps will happily use it. I'd
 rather be safe than sorry here. We can come back later and fix it
 correctly.

 and



 >> android.app.DownloadManager
 >>  DownloadsIntegration.java uses it, but has a check for
 useSystemDownloadManager() to avoid using it
 >>  BrowserApp.java uses it to download items without any checks
 > This is controlled by
 browser.download.forward_oma_android_download_manager which is false.
 (​https://bugzilla.mozilla.org/show_bug.cgi?id=1253684 which is
 restricted?). I'll add this into the override file, just so we aren't
 surprised by a change later.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31144#comment:22>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list