Opened 4 years ago

Closed 4 years ago

#17498 closed defect (not a bug)

Torbutton refererSpoof seems broken

Reported by: yupyup Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Trying extensions.torbutton.refererspoof setting of 0, 1, and 2 all give the same response: no referrer sent.

The same happens even when network.http.referer.spoofSource is set to true.

Torbrowser version 5.0.3. Tested on HTTPS site.

Child Tickets

Change History (3)

comment:1 Changed 4 years ago by yupyup

I used this site to test referrer:

network.http.sendSecureXSiteReferrer is set to true

network.http.sendRefererHeader is set to 2

Last edited 4 years ago by yupyup (previous) (diff)

comment:2 Changed 4 years ago by yupyup

Component: TorbuttonTor Browser
Owner: set to tbb-team

comment:3 Changed 4 years ago by gk

Resolution: not a bug
Status: newclosed

We don't spoof Referers anymore (see: https://www.torproject.org/projects/torbrowser/design/#deprecate section 1). Leaving .onion domains being the exception starting with Tor Browser 5.0.4/5.5a4/5.5a4-hardened.

Note: See TracTickets for help on using tickets.