[tor-dev] Feasibility of using a Tor Browser plugin as a PT component?

Arlo Breault arlo at torproject.org
Sat Feb 22 17:47:55 UTC 2014

> It seems the right thing to do is mimic a browser, and I can think of at
> least three ways to do that:
>  1. Try really hard, using NSS or some other library, to look like a
>     particular browser.
>  2. Run a second browser, apart from Tor Browser, that receives commands
>     from a client PT program and makes the HTTPS requests it is
>     commanded to.
>  3. Run a browser plugin *inside* Tor Browser, that makes HTTPS requests
>     *directly on the Internet, without going through Tor*. That is, the
>     plugin receives commands from the client PT program, and then
>     bypasses all of Tor Browser's proxy settings in order to send HTTPS
>     requests to the web site fronting the circumvention.
> It's the third option I want to ask about. The first option puts us on
> the parrot treadmill. The second has the usability and distribution
> problems of running two browsers at once.

Usability might not be such an issue if you're using a headless browser.
Distribution still would be.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20140222/d4e6e3e8/attachment.html>

More information about the tor-dev mailing list