[tor-bugs] #32418 [Applications/Tor Browser]: Torbrowser tells on every start, that it can't update although it is newest

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Apr 28 20:13:55 UTC 2020 

#32418: Torbrowser tells on every start, that it can't update although it is newest
----------------------------------------------+------------------------
 Reporter:  Yeti                              |          Owner:  mcs
     Type:  defect                            |         Status:  closed
 Priority:  Medium                            |      Milestone:
Component:  Applications/Tor Browser          |        Version:
 Severity:  Normal                            |     Resolution:  fixed
 Keywords:  tbb-update,TorBrowserTeam202004R  |  Actual Points:  1.7
Parent ID:                                    |         Points:
 Reviewer:                                    |        Sponsor:
----------------------------------------------+------------------------
Changes (by sysrqb):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Replying to [comment:18 mcs]:
 > Replying to [comment:16 sysrqb]:
 > > Is there a reason for not using `MOZ_PROXY_BYPASS_PROTECTION` instead
 of defining a new `JSON_POLICIES_ONLY`? The latter is definitely more
 explicit about why it is defined, so I see some benefit for us in using
 `JSON_POLICIES_ONLY`, but I wonder if there is another reason as well.
 >
 > Kathy and I think using `MOZ_PROXY_BYPASS_PROTECTION` is a good idea; we
 just did not think to do so when we wrote the patch.  Do you want us to
 create a fixup or do you want to take care of it?
 >
 > We could even do something like the following if we want to continue to
 use `JSON_POLICIES_ONLY` within that file for readability:
 >  #define JSON_POLICIES_ONLY MOZ_PROXY_BYPASS_PROTECTION

 That's a good idea. I took care of it. I changed the `#define` as you
 suggested. I like that defining `JSON_POLICIES_ONLY` as
 `MOZ_PROXY_BYPASS_PROTECTION` self-documents that this is used for
 avoiding a proxy bypass vector, and the result of this should only allow
 json policies.

 I tweaked your commit and merged it with commit
 `f81583b0d6d7eefd4b7384e8ee95d528ea4fb303` on `tor-
 browser-68.7.0esr-9.5-1`. The tweaked commit is
 `e577d655d2044e3b6636b0bccfbb5bd776148582`.

 Thanks!

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32418#comment:19>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list