[tor-bugs] #28005 [Applications/Tor Browser]: Officially support onions in HTTPS-Everywhere

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Feb 28 19:52:03 UTC 2020


#28005: Officially support onions in HTTPS-Everywhere
-------------------------------------------------+-------------------------
 Reporter:  asn                                  |          Owner:  tbb-
                                                 |  team
     Type:  defect                               |         Status:
                                                 |  needs_review
 Priority:  Medium                               |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-hs, https-everywhere, network-   |  Actual Points:  15
  team-roadmap-november, network-team-roadmap-   |
  2020Q1, TorBrowserTeam202002, ux-team          |
Parent ID:  #30029                               |         Points:  20
 Reviewer:  mcs, sysrqb, antonela                |        Sponsor:
                                                 |  Sponsor27-must
-------------------------------------------------+-------------------------

Comment (by legind):

 https://github.com/EFForg/https-everywhere/pull/18994 creates a
 `get_simple_rules_ending_with` message handle returns an array of simple
 rules, which Tor can use to reverse-lookup `.tor.onion` addresses.

 Example from Chrome HTTPSE popup console with the above update channel
 installed:

 {{{
 chrome.runtime.sendMessage({type: "get_simple_rules_ending_with", object:
 ".tor.onion"}, rules => console.log(rules));

 undefined
 VM51:1 [{…}]0: from_regex:
 "/^http[s]?:\/\/nytimes.securedrop.tor.onion\//"host:
 "nytimes.securedrop.tor.onion"scope_regex:
 "/^https?:\/\/[a-z0-9-]+(?:\.[a-z0-9-]+)*\.securedrop\.tor\.onion\//"to:
 "https://nyttips4bmquxfzw.onion/"__proto__: Objectlength: 1__proto__:
 Array(0)
 }}}

 This works currently in the pure JS implementation of the RuleSets, and
 I've also added it to the WASM code so that when/if Tor Browser enables
 WASM in extensions this will not cause breakage.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28005#comment:26>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list