Opened 7 years ago

Closed 5 years ago

#5750 closed task (wontfix)

Create directory to house TBB test pages

Reported by: mikeperry Owned by: phobos
Priority: Medium Milestone:
Component: Archived/Ponies Version:
Severity: Keywords: NotWeasel, tor-sysadmin
Cc: Sebastian, tichodroma@… Actual Points:
Parent ID: #5292 Points:
Reviewer: Sponsor:

Description

We need a place to house some test pages for validating TBB builds against regressions and build failures. These tests can probably be static html for now, but they should be in a dir that is accessable from a couple different vhosts, to allow us to test things like url bar isolation.

We need this for #3846 and #5292.

Child Tickets

Change History (24)

comment:1 Changed 7 years ago by mikeperry

The vhosts should be different second-level domains. Ie: tbb-testing.torproject.org and tbb-testing.freehaven.net, for example.

comment:2 Changed 7 years ago by rransom

Can one of the names be an IP address? (The contents of www.tpo are already served from www-master's IP address.)

comment:3 Changed 7 years ago by mikeperry

It probably is a good idea to also test IP address for isolation, but no, we also need to test the domain-based stuff, so we need a second domain pointing at the thing.

comment:4 Changed 7 years ago by rransom

www-master.torproject.com currently does not resolve to an IP address. That should be a suitable name.

comment:5 Changed 7 years ago by phobos

Why not just use gitweb.torproject.{org|com|net} for these tests rather than setting up all new vhosts?

comment:6 Changed 7 years ago by rransom

Resolution: wontfix
Status: newclosed

gitweb.torproject.com doesn't resolve, either. But anyone can set up a pair of hidden services for these tests.

comment:7 Changed 7 years ago by mikeperry

Resolution: wontfix
Status: closedreopened

rransom: don't be a jerk. Unless you're volunteering to run these hidden services yourself and accept arbitrary files from random volunteers, you should not have closed this ticket.

If gitweb will serve raw html with the proper mime type that could work I think. Though it is currently unavailable at .net and .com.

As an aside might want to check that things like our ldap web frontend aren't vulnerable to cookie theft from other .torproject.org domains.. The blog and trac look fine, at least.

comment:8 in reply to:  5 Changed 7 years ago by phobos

Replying to phobos:

Why not just use gitweb.torproject.{org|com|net} for these tests rather than setting up all new vhosts?

These will resolve in 20 minutes.

comment:9 Changed 7 years ago by phobos

added in gitweb.torproject.se and gitweb.torproject.is too.

comment:10 in reply to:  7 Changed 7 years ago by rransom

Replying to mikeperry:

If gitweb will serve raw html with the proper mime type that could work I think. Though it is currently unavailable at .net and .com.

Gitweb isn't supposed to serve raw HTML with the proper MIME type.

comment:11 Changed 7 years ago by rransom

http://idnxcnkne4qt76tg.onion/ points to the content behind www.torproject.org (no redirect). Is that sufficient?

comment:12 Changed 7 years ago by rransom

svn.torproject.org would serve files with the proper MIME type, too. (You need at least three domains for a #5472 test.)

Hidden services look like the best option.

comment:13 Changed 7 years ago by mikeperry

phobos: Small nit: It might also be useful for http://gitweb.torproject.{is,com,net}/ to work, in case we want to test scheme changes for origin policy behavior.. Right now it "works", but it serves a weird gitweb theme directory or something instead of the gitweb root.

rransom: Why don't you want gitweb to serve HTML? No one logs into it, right?

I think I'd rather use git if at all possible, so we can more easily accept and merge people's patches and track the tests themselves. Using gitweb cuts out having to copy updates from git over to commit them in svn. More importantly, it also means user branches of the TBB tests can be directly tested from their remotes without those users needing to create their own servers.

comment:14 Changed 7 years ago by mikeperry

Parent ID: #5292

comment:15 Changed 7 years ago by mikeperry

Cc: Sebastian added

Oh, two more thoughts: We'll of course want to test that gitweb'a apache is not misconfigured such that inline php or other server-side code/SSI is allowed in .html files. Other than that, I see no major hazards. But it's also possible I missed something because I'm biased in favor of the gitweb idea.

Before this gets closed then, I think the last step is to create the repo for it. How about torbrowser-testing.git?

comment:16 in reply to:  13 Changed 7 years ago by rransom

Replying to mikeperry:

rransom: Why don't you want gitweb to serve HTML? No one logs into it, right?

Gitweb is intended to not serve files as HTML, because it is sometimes used to host partially trusted or untrusted repositories.

I don't have much of a problem with gitweb.tpo being reconfigured to serve files as HTML, but at a minimum, someone would have to reconfigure it. It may even require patching Gitweb.

I think I'd rather use git if at all possible, so we can more easily accept and merge people's patches and track the tests themselves. Using gitweb cuts out having to copy updates from git over to commit them in svn.

Subversion has the advantage that anyone who can commit to a repo can automatically specify files' MIME types, without having to ask an admin to hack up Gitweb or its configuration.

More importantly, it also means user branches of the TBB tests can be directly tested from their remotes without those users needing to create their own servers.

Only if those ‘user branches’ are hosted on gitweb.tpo or another specially reconfigured Gitweb installation.

I still think you're stuck with hidden services.

comment:17 Changed 7 years ago by Tichodroma

Cc: tichodroma@… added

comment:18 Changed 7 years ago by phobos

Component: CompanyTor Sysadmin Team
Priority: majornormal

comment:19 Changed 7 years ago by weasel

Resolution: not a bug
Status: reopenedclosed

Mike says he's unsure if this is the way to go. closing then. Re-open a new ticket if you know what you need from us.

comment:20 Changed 7 years ago by mikeperry

Keywords: NotWeasel added
Resolution: not a bug
Status: closedreopened

That's not exactly what I said. Here's what I said:
00:35 < weasel> mikeperry: what's the deal with 5750? still something you need?
00:37 < mikeperry> in some form, yes.. not sure if that ticket is the best or final form, though..

We definitely want some place to put the web side of our test pages... If you hate the web, there's still options for you to ignore this ticket without closing it, you know.

Are you familiar with trac's query features? You can exclude tickets by tag. For example, to display all Trac sysadmin tickets *without* the keyword NotWeasel, you can use:
https://trac.torproject.org/projects/tor/query?component=Tor+Sysadmin+Team&keywords=!~NotWeasel

comment:21 Changed 7 years ago by weasel

Component: Tor Sysadmin TeamPonies

comment:22 Changed 7 years ago by mikeperry

Keywords: tor-sysadmin added

Man, I was all about this Ponies component idea.. But now I think we need more than one type of Pony.

comment:23 Changed 7 years ago by phobos

We could just create tbb-test.torproject.org or something as a static site, add it to the pile of other static sites, and let you go nuts.

comment:24 Changed 5 years ago by phobos

Resolution: wontfix
Status: reopenedclosed

It seems no one cares, closing again.

Note: See TracTickets for help on using tickets.