[tor-dev] Request for feedback/victims: cfc-0.0.2

Jeff Burdges burdges at gnunet.org
Wed Mar 30 18:59:36 UTC 2016 

I'm impressed with how much nicer the web gets with this. Thank you
Yawning!  :) 

On Sun, 2016-03-27 at 06:12 +0000, Yawning Angel wrote:

>    * (QoL) Skip useless landing pages (github.com/twitter.com will be
>      auto-redirected to the "search" pages).

Ahh that's why that happened.  lol

>    * (Privacy) Kill twitter's outbound link tracking (t.co URLs) by
>      rewriting the DOM to go to the actual URL when possible.  Since
>      DOM changes made from content scripts are isolated from page
>      scripts, this shouldn't substantially alter behavior.

Nice!

> TODO:
> 
>  * Try to figure out a way to mitigate the ability for archive.is to
>    track you.  The IFRAME based approach might work here, needs more
>    investigation.

Interesting point.

>  * Handle custom CloudFlare captcha pages (In general my philosophy is
>    to minimize false positives, over avoiding false negatives).
>    Looking at the regexes in dcf's post, disabling the title check may
>    be all that's needed.

I've noticed some hiccups with medium on the auto mode, like say
https://medium.com/@octskyward/the-resolution-of-the-bitcoin-experiment-dabb30201f7
It sometimes works if you hit refresh though.

>  * Look into adding a "contact site owner" button as suggested by Jeff
>    Burdges et al (Difficult?).

Just noticed this minimalist whois client in node.js : 
https://github.com/carlospaulino/node-whoisclient/blob/master/index.js 

>  * Support a user specified "always use archive.is for these sites"
>    list.
> 
>  * UI improvements.

A task bar icon might find several uses:
- A "View this page through archive.is" button for when CFC misses a
CAPTCHA, or even if the CAPTCHA is not CloudFlare.
- A "contact site button" that worked even after passing to archive.is.
- A "Give me the CAPTCHA" button for those who configure CFC to
automatically load archive.is.  

I'm using another browser profile for this last point currently.  In
fact, it fit perfectly into my existing pattern of browser profiles.
Yet, browser profiles are not user-friendly, especially in TBB, so this
would benefit people who do not use profiles. 

Wonderful extension!
Jeff


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20160330/0c798e1b/attachment.sig>

More information about the tor-dev mailing list