[tor-reports] Arthur E.'s Report for April 2014
Arthur D. Edelstein
arthuredelstein at gmail.com
Wed Apr 30 19:01:40 UTC 2014
This month I worked on two tickets for the Browser Hacker Trial Contract.
The first ticket, #9308
(https://trac.torproject.org/projects/tor/ticket/9308), reported a bug
involving the leaking of the Tor Browser's install path on a user's
private computer to any website deploying certain JavaScript code. I
fixed this bug by writing a C++ patch for tor-browser.git that rewrote
the leaked paths so that they no longer reveal private information.
The patch was reviewed and included in the 3.6 Tor Browser release.
The second ticket, #10189
(https://trac.torproject.org/projects/tor/ticket/10819), proposed to
add a pref in the Tor Browser that enables/disables the isolation of
DOM storage data and cached images into silos per URL bar
("first-party") domain. I submitted a C++ patch implementing this pref
for tor-browser.git. The patch is currently under review.
Arthur Edelstein
More information about the tor-reports
mailing list