Opened 7 months ago

Closed 7 months ago

Last modified 7 months ago

#25770 closed defect (wontfix)

Connection established before External App Blocker prompt

Reported by: sysrqb Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

This will likely require a Firefox patch, but it seems like Firefox pre-emptively establishes a connection with the server before the user is prompted about downloading a file. This isn't obvious.

In addition to #25672 comment 2 I see:

[04-11 00:10:08] Torbutton INFO: tor SOCKS: https://dist.torproject.org/torbrowser/7.5.3/torbrowser-install-7.5.3_en-US.exe via
                       --unknown--:71e69d27f4adff41fb754a6dc960dfeb
[04-11 00:10:08] Torbutton INFO: controlPort >> 650 STREAM 61 NEW 0 dist.torproject.org:443 SOURCE_ADDR=127.0.0.1:46918 PURPOSE=USER
[04-11 00:10:08] Torbutton INFO: controlPort >> 650 STREAM 61 SENTCONNECT 36 dist.torproject.org:443
[04-11 00:10:08] Torbutton INFO: controlPort >> 650 STREAM 61 REMAP 36 38.229.72.17:443 SOURCE=EXIT
[04-11 00:10:08] Torbutton INFO: controlPort >> 650 STREAM 61 SUCCEEDED 36 38.229.72.17:443
[04-11 00:10:09] Torbutton INFO: Component Load 0: New ExternalAppBlocker.
[04-11 00:10:13] Torbutton INFO: controlPort >> 650 STREAM 60 CLOSED 36 138.201.14.197:443 REASON=DONE
[04-11 00:10:21] Torbutton INFO: controlPort >> 650 STREAM 61 CLOSED 36 38.229.72.17:443 REASON=CONNRESET

The CONNRESET is when I click Cancel.

Child Tickets

Change History (4)

comment:1 Changed 7 months ago by gk

Status: newneeds_information

Well, how should the external app blocker kick in *without* a connection being established first and some indication about what kind of file it is that is being requested? That's important, because, as the name says this component is only responsible for blocking external apps from kicking in and handling file types the browser can't handle itself.

comment:2 Changed 7 months ago by gk

Another important thing to mention here although, looking at your log snippet, I am not sure whether it fits: the Torbutton log output is not necessarily saying the truth about whether actual connections got made. In particular if it is indicating that speculative connections are made chances are pretty high that this did not happen. For an analysis see: comment:3:ticket:18762 which was affecting a bunch of bugs (e.g. #16324).

comment:3 in reply to:  1 Changed 7 months ago by sysrqb

Resolution: wontfix
Status: needs_informationclosed

Replying to gk:

Well, how should the external app blocker kick in *without* a connection being established first and some indication about what kind of file it is that is being requested? That's important, because, as the name says this component is only responsible for blocking external apps from kicking in and handling file types the browser can't handle itself.

Okay, this description was not well worded. I now realize this is a little complex, after reading the bugs related to #25773. I am most worried about the "Save Link As..." situation. I think I'll close this bug as WONTFIX because this isn't really the problem.

comment:4 in reply to:  2 Changed 7 months ago by sysrqb

Replying to gk:

Another important thing to mention here although, looking at your log snippet, I am not sure whether it fits: the Torbutton log output is not necessarily saying the truth about whether actual connections got made. In particular if it is indicating that speculative connections are made chances are pretty high that this did not happen. For an analysis see: comment:3:ticket:18762 which was affecting a bunch of bugs (e.g. #16324).

And just as a follow up on this, it is possible the OCSP request is not actually happening. I didn't confirm this with tcpdump, however the speculative connection and download is happening and I confirmed with tcpdump and server-side logs before opening #25773.

Note: See TracTickets for help on using tickets.