Opened 8 years ago

Closed 8 years ago

#4176 closed task (fixed)

Check that there are no holes left by the removal of nsIContentPolicy

Reported by: pde
Owned by: pde
Priority: Medium
Milestone:
Component: HTTPS Everywhere/EFF-HTTPS Everywhere
Version:
Severity:
Keywords:
Cc: mikeperry, vic.garin@…
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

Since this commit:
https://gitweb.torproject.org/https-everywhere.git/blobdiff/eb212b2e785b1760f976d2b7358a187f2adc82b1..445aa51a61fa2ec50998ac802c3d0c4261787929:/src/components/https-everywhere.js

To close #3882, we should run more tests to ensure that no HTTP requests are escaping redirection.

We have done a bit of this without plugins, but we should also perform more, and with plugins. Methodology:

Run a Wireshark capture with the BPF set to "port 80" (or a protocol-level equivalent?).

Do a lot of browsing.

Filter out the HTTP Request packets.

See if any of them should have been rewritten.
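
One way to automate the last two steps of the methodology above, as an added example that is not part of the original ticket or of HTTPS Everywhere's code. It assumes the capture's HTTP requests were exported as tab-separated `http.host` and `http.request.uri` fields; the `rulesets` objects are a simplified, constructed stand-in for the extension's rules, and all function names are hypothetical.

```javascript
// Added example: flag captured plaintext requests that a ruleset should have rewritten.
// The ruleset objects are a simplified, constructed model of HTTPS Everywhere rules.
const rulesets = [
  { name: "Example", targets: ["example.com", "*.example.com"],
    exclusions: [/^http:\/\/static\.example\.com\/legacy\//],
    rules: [{ from: /^http:\/\/([^/:@]+\.)?example\.com\//, to: "https://$1example.com/" }] },
];

// Constructed sample: "http.host<TAB>http.request.uri" rows from a port-80 capture.
const capture = [
  "www.example.com\t/index.html",
  "static.example.com\t/legacy/font.woff",
  "EXAMPLE.com:80\t/login?next=/",
  "unrelated.test\t/",
  "malformed line without a tab",
].join("\n");

// "*.example.com" covers any subdomain; anything else must match exactly.
function targetMatches(target, host) {
  if (target.startsWith("*.")) return host.endsWith(target.slice(1));
  return target === host;
}

// Return the https URL a request should have been rewritten to, or null.
function expectedRewrite(url, host) {
  for (const rs of rulesets) {
    if (!rs.targets.some((t) => targetMatches(t, host))) continue;
    if (rs.exclusions.some((re) => re.test(url))) continue; // deliberately left on HTTP
    for (const { from, to } of rs.rules) {
      if (from.test(url)) return { ruleset: rs.name, rewritten: url.replace(from, to) };
    }
  }
  return null;
}

// Every returned entry is a plaintext request that escaped redirection.
function findEscapes(tsv) {
  const escapes = [];
  for (const line of tsv.split("\n")) {
    const [rawHost, uri] = line.split("\t");
    if (!rawHost || !uri || !uri.startsWith("/")) continue; // skip malformed rows
    const host = rawHost.toLowerCase().replace(/:80$/, "");
    const url = `http://${host}${uri}`;
    const hit = expectedRewrite(url, host);
    if (hit) escapes.push({ url, ...hit });
  }
  return escapes;
}

console.log(findEscapes(capture));
```

Requests excluded by a ruleset, such as the constructed `static.example.com/legacy/` row, are not reported, since the rules intentionally leave them on HTTP.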

Change History (6)

comment:1 Changed 8 years ago by vic

Cc: vic.garin@… added

Why do you need to disable the nsIContentPolicy::shouldLoad / forceURI path?

Firefox devs fixed it - See: https://bugzilla.mozilla.org/show_bug.cgi?id=677643

No longer able to crash Firefox Nightly with the latest HTTPS Everywhere dev release and the STR there.

comment:2 Changed 8 years ago by pde

No security holes yet, but #4149 was triggered by the removal of the nsIContentPolicy path.

comment:3 Changed 8 years ago by pde

Also bug #4194 (requests for web font objects do not happen if we try to perform channel replacement on them).

comment:5 Changed 8 years ago by vic

Not sure where you want this discussion to go (copied from #3882)

Replying to pde:

Replying to vic:

Why do you need to disable the nsIContentPolicy::shouldLoad / forceURI path?

Because the Firefox patch isn't in Firefox 4-7, and we'd prefer not to crash those browsers?

The removal was in the main branch of HTTPS Everywhere.

Right now Firefox 4-6 has no security updates.

My suggestion is to keep the nsIContentPolicy::shouldLoad / forceURI path in HTTPS Everywhere v2.0.xDev and release version 2 on the same day that Firefox 8 ships.

Please restore the nsIContentPolicy::shouldLoad / forceURI path in stable version.

Despite Giorgio's concerns, we haven't yet found any cases in which disabling nsIContentPolicy caused an insecure HTTP load. If we find any, we'll try to turn it back on just for those cases.

Really would appreciate if you left it on for Everything, just in case.

I mean come to think of it, the patch released @ https://bugzilla.mozilla.org/show_bug.cgi?id=677643 for Firefox 8+ is now useless? The patch was because we were using the nsIContentPolicy::shouldLoad / forceURI path right?

comment:6 in reply to: 5 Changed 8 years ago by pde

Resolution: fixed
Status: new → closed

Replying to vic:

Really would appreciate if you left it on for Everything, just in case.

I mean come to think of it, the patch released @ https://bugzilla.mozilla.org/show_bug.cgi?id=677643 for Firefox 8+ is now useless? The patch was because we were using the nsIContentPolicy::shouldLoad / forceURI path right?

Well it's not useless in the cases where we've reenabled that path :).

Perhaps once FF8 has been released, we can consider reenabling elsewhere.
