Opened 3 years ago

Last modified 5 months ago

#19757 new defect

Make a menu to add onion and auth-cookie to TB

Reported by: mrphs Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: ux-team, tbb-usability, tor-hs
Cc: dmr Actual Points:
Parent ID: #30000 Points:
Reviewer: Sponsor: Sponsor27-must

Description (last modified by mrphs)

Currently it's very difficult to add an onion address and auth cookie to Tor Browser.

It would be nice to have an option in torbutton menu where you can set HidServAuth and optionally MapAddress, instead of having to edit your TB torrc file.

Child Tickets

Change History (12)

comment:1 Changed 3 years ago by mrphs

Description: modified (diff)

comment:2 Changed 3 years ago by mrphs

Description: modified (diff)

comment:3 Changed 3 years ago by teor

I thought you could pass an auth cookie using the address x.y.onion, where x is the auth cookie, and y is the onion address.

comment:4 Changed 3 years ago by mrphs

I didn't know about this (where is it documented?!), and even if you can it's still hella difficult and confusing.

comment:5 in reply to:  4 ; Changed 3 years ago by teor

Replying to mrphs:

I didn't know about this (where is it documented?!), and even if you can it's still hella difficult and confusing.

I was wrong, using x.y.onion is not documented or implemented anywhere.
(I wonder why I thought that?)

comment:6 Changed 16 months ago by dmr

Cc: dmr added
Keywords: ux-team tor-hs added; UX removed

comment:7 in reply to:  5 Changed 16 months ago by dmr

Replying to teor:

I was wrong, using x.y.onion is not documented or implemented anywhere.
(I wonder why I thought that?)

I wanted to add to this old discussion that x.y.onion exists as a way to do subdomains for an .onion, as of #6344. (That may be where you were thinking of this from, teor.)

So it couldn't reasonably be overloaded for this sort of client-auth feature.

comment:8 Changed 16 months ago by teor

There isn't any existing part of the URL that can be overloaded for this kind of feature, because an onion site can use any URL feature:
https://en.m.wikipedia.org/wiki/URL#Syntax

Also, overloading the URL is poor UI. And it won't work when sites embed resources from the authenticated site.

The menu item is a much better idea,

comment:9 Changed 11 months ago by traumschule

where is it documented

not yet (#25277, #27680), but a user gave me this link on irc: comment:1:ticket:27680

comment:10 Changed 5 months ago by pili

Sponsor: Sponsor27

comment:11 Changed 5 months ago by gk

Sponsor: Sponsor27Sponsor27-must

Add Sponsor27-must items for Objective 2

comment:12 Changed 5 months ago by pili

Parent ID: #30000
Note: See TracTickets for help on using tickets.