Opened 2 years ago

Closed 2 years ago

#26353 closed defect (fixed)

First request after copying and pasting an URL in URL bar seems to go over the catch-all circuit

Reported by: gk Owned by: tbb-team
Priority: High Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: ff60-esr, tbb-linkability, TorBrowserTeam201807R
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


If one goes e.g. to our blog and copies and pastes a link from the Upcoming Events section (like and hits return then the first request seems to go over the catch-all circuit:

[06-12 08:47:21] Torbutton INFO: tor SOCKS: via
[06-12 08:47:21] Torbutton INFO: tor SOCKS: via

If that's indeed the case we need to fix that

Child Tickets

Change History (3)

comment:1 Changed 2 years ago by arthuredelstein

Keywords: TorBrowserTeam201807R added
Status: newneeds_review

I tracked this down to a speculative connect. It also occurs if the user enters a search term or types in a full http or https URL.

Here's a patch that disables the speculative connect for now:

I have also opening a bug on bugzilla to try to track down exactly why FPI is violated here:

comment:2 Changed 2 years ago by mcs

The patch looks good to me. Nice find by both of you! Unlike some truly speculative connects such as in response to someone hovering over a link with their mouse, this one is not speculative in the same way (because a network connection is going to happen soon anyway). That is probably why the change that added this "speculative" connect did not raise any red flags for Kathy and me when we reviewed the undocumented FF57 bugs (see

comment:3 Changed 2 years ago by gk

Resolution: fixed
Status: needs_reviewclosed

Thanks. Cherry-picked to tor-browser-60.1.0esr-8.0-1 (commit 1b1c4e4143d57a72e02464ac3bc343bd6d57ec9e).

Note: See TracTickets for help on using tickets.