Opened 8 years ago

Closed 8 years ago

Last modified 3 years ago

#7049 closed defect (fixed)

[SSL Observatory] localhost Tor detection breaks once the user has picked "submit certs without Tor"

Reported by: pde Owned by: mikeperry
Priority: Immediate Milestone:
Component: HTTPS Everywhere/EFF-HTTPS Everywhere Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


The way that submitting certs directly is implemented in the observatory is by setting use_custom_proxy to True and configuring the proxy to be a passthrough.

But that state confuses the code that tries to tell whether Tor is available for routing Observatory requests:

What that means is if the user picks "submit certs even if Tor is not available", then next time they restart Firefox, "submit through Tor" will no longer be an option though Tor is running on localhost:9050.

I think this blocks 3.0 stable.

Child Tickets

Change History (5)

comment:1 Changed 8 years ago by pde

Per Mike's comments in getProxySettings(), we could consider a new use_direct variable to replace our current use of use_custom_proxy. In that possible world, use_custom_proxy would be reserved for actual custom Tor proxy settings (ie, Tor power users only).

However we would need to add some transition code, so that all the people who have use_custom_proxy set to true, with a direct proxy, due to the settings code in past versions of HTTPS Everywhere, would not have their settings change under them.

A hackier solution would be to add "and it's not a direct proxy" to the test on line 750. That would disenfranchise people who really and truly edited about:config to say that they wanted to use a custom tor proxy, and that proxy was direct. Does such a possibility exist?

comment:2 Changed 8 years ago by pde

I sort of think that such people could probably configure the Observatory inside about:config, without using the Observatory preferences menu...

comment:4 Changed 8 years ago by pde

Resolution: fixed
Status: newclosed

comment:5 Changed 3 years ago by teor

Severity: Normal

Set all tickets without a severity to "Normal"

Note: See TracTickets for help on using tickets.