[tor-dev] Proposal: HTTP header distinguish TBB users

Marcin Cieslak saper at saper.info
Sat Oct 3 12:42:16 UTC 2015

On Sat, 3 Oct 2015, Virgil Griffith wrote:

> Now the trouble starts. If the TBB user gets to the tor2web backend I check
> if they're coming from an Exit relay and redirect them---all good.  But a
> CDN (Fastly.com) sits in front of my backends and right now it's unclear
> how to detect TBB at the CDN level.

I don't think this shoud be fixed by detecting TBB, which somehow counters
the very purpose of TBB. What about having a scriptlet/extension/whatever
in The Tor Browser that sends the request directly via the Tor network
instead of using the gateway? Client-side solution is the only way
to recover your Bitcoin to me.


More information about the tor-dev mailing list