[tor-bugs] #19757 [Applications/Tor Browser]: Make a menu to add onion and auth-cookie to TB

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Jan 29 14:59:06 UTC 2020

#19757: Make a menu to add onion and auth-cookie to TB
 Reporter:  mrphs                                |          Owner:  brade
     Type:  defect                               |         Status:
                                                 |  needs_revision
 Priority:  Medium                               |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  ux-team, tbb-usability, tor-hs,      |  Actual Points:  6.3
  TorBrowserTeam202001                           |
Parent ID:  #30000                               |         Points:  8
 Reviewer:  pospeselr, acat                      |        Sponsor:
                                                 |  Sponsor27-must

Comment (by mcs):

 Replying to [comment:31 acat]:
 > In `savedKeysDialog.js`, line 64, `controllerFailureMsg` is not defined
 in that scope. I guess it should be declared outside the `try`, as you do
 in `authPrompt.js` [eslint caught this one :) ]

 Good catch! We will fix it.

 > Speaking of eslint, I'm not sure whether we made a decision about
 enforcing it for new code or not but at least with the latest patches of
 pospeselr or mine we tried to do so. I leave it up to you, as I think it's
 not so important and can always be done later. `./mach lint -l eslint
 --fix browser/components/onionservices` should fix all the auto-fixable

 We will try using eslint soon. Thanks!

 > I tested a bit and saw a couple of cases with a behaviour I'm not sure
 is the intended one:
 > * Added private key, checked "Don't remember" -> after "New Identity"
 accessing to the .onion still works (I would expect we clear that on New

 This is an interesting test case. Kathy and I agree that "in memory" keys
 should be cleared upon New Identity. But we should ask the Network Team
 (asn and dgoulet) how they think it should work.

 > * Added private key, checked "Remember", removed from
 `about:preferences` -> accessing to the .onion still works (but not after
 "New Identity", which is surprising given the behaviour above).

 I think this second test case points to a bug in tor. Kathy and I are able
 to reproduce it. It looks like a new circuit is used to load the .onion
 the second time, so it is not just a matter of circuit reuse.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19757#comment:32>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list