Opened 2 years ago

Closed 2 years ago

#24948 closed defect (duplicate)

Defense against resource:// and chrome:// fingerprinting breaks other addons

Reported by: vanowm Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-torbutton, ff60-esr-will-have
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


With Torbutton enabled many addon with inline options (options that shown on about:addon page) failing with:
XML Parsing Error: undefined entity Location

due to .dtd files are blocked(?)

Example Back/Forward History Tweaks - options fail to open
FireGestures it just doesn't work and options also fail to show properly, with the error above.

Disabling Torbutton fixes is.

Child Tickets

Change History (4)

comment:1 Changed 2 years ago by cypherpunks

Parent ID: #24949

comment:2 Changed 2 years ago by gk

Parent ID: #24949

comment:3 Changed 2 years ago by gk

Component: Applications/TorbuttonApplications/Tor Browser
Keywords: tbb-torbutton ff60-esr-will-have added
Owner: set to tbb-team
Summary: Torbutton breaks other addonsDefense against resource:// and chrome:// fingerprinting breaks other addons

The defense against fingerprinting via resouce:// and chrome:// links embedded into web sites is causing the breakage (see: #8725). If you really think that's okay for you just flip extensions.torbutton.resource_and_chrome_uri_fingerprinting and set it to true. Then your extensions will work again. Patches are welcome to make the stopgap we deployed working with those and other extensions while still mitigating the fingerprinting. We won't work on that, though.

Assuming that our upstreamed patch does not have this problem then this will be fixed with the switch to ESR 60.

comment:4 Changed 2 years ago by gk

Resolution: duplicate
Status: newclosed

Duping this over to #26189 as the fix is to remove our hack.

Note: See TracTickets for help on using tickets.