[tor-talk] [IDEA] Google App Engine, Tor Hidden Service Viewer

Fabio Pietrosanti (naif) lists at infosecurity.ch
Tue Jan 14 14:31:37 UTC 2014


Il 1/13/14, 9:53 PM, Seth David Schoen ha scritto:
>
> Tor2web also allows linking to and spidering of hidden service sites,
> which you might or might not intend to allow.  In that configuration,
> it's hard for some people to understand that the proxy isn't actually
> hosting the hidden sites.  They don't realize that it's a proxy to
> something that exists elsewhere.
Tor2web add an X-Tor2web HTTP header in each of the request going to the
TorHS.

That way the owner of the TorHS can block all of the requests coming
from Tor2web or manage it with configurable access policy like we're
doing into GlobaLeaks software.

-- 
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org



More information about the tor-talk mailing list