Opened 3 months ago

Closed 3 months ago

#30983 closed enhancement (wontfix)

http-header Leak

Reported by: cypherpunks Owned by:
Priority: Medium Milestone:
Component: Core Tor/Tor Version: Tor: unspecified
Severity: Normal Keywords: http-header, leak
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

The http-header is leaked once another software but Torbrowser is used (e.g. a messenger, a FTP-program, subversion...).

The http-header anonymization thus should be implemented in Tor, not in Torbrowser.

Child Tickets

Change History (2)

comment:1 Changed 3 months ago by gk

Component: ApplicationsCore Tor/Tor
Priority: Very HighMedium
Severity: CriticalNormal

I am not convinced we should do that in Tor but that's nothing for me to decide, moving this over to the Tor component.

comment:2 Changed 3 months ago by nickm

Resolution: wontfix
Status: newclosed

This kind of leak needs to be solved in the application, not in Tor. Otherwise there is no way to clean up HTTPS.

Note: See TracTickets for help on using tickets.