Opened 5 years ago

Last modified 23 months ago

#7638 reopened defect

ip-check.info: the 'window.name' attribute is traceable across sites

Reported by: WDXfjqDN4QKGYrlY Owned by: mikeperry
Priority: High Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-firefox-patch
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

On a fresh install of tor-browser-gnu-linux-x86_64-2.3.25-1-dev-en-US and going to http://ip-check.info/?lang=en reveals that (when javascript is enabled, which is the default) the window.name attribute is traceable across sites.

This issue was first seen in 'tor-browser-gnu-linux-x86_64-2.2.39-5-dev-en-US'.
It did not seem to occur in versions prier to 'tor-browser-gnu-linux-x86_64-2.2.39-5-dev-en-US'.

Attribute:Tab name
Value:"window.name" is traceable. Your unique ID: 2372370
Rating:bad

Pop-up help text when hovering over the 'Attribute' text:
Using the attribute "window.name", a website may give the current tab a name. The attribute "window.name" may get misued for marking your current tab. It remains the same over several websites until a site you visit sets a new value.

Pop-up help text when hovering over the 'Value' text:
Recommended: The name of the current tab should be deleted once you are surfing to a new website domain.

Firefox: Use the JonDoFox or Torbutton profile.
Chrome: Use the extension "window name eraser".

You may delete its value also by closing this browser tab.

Pop-up help text when hovering over the 'Rating' text:
Your browser may get traced over your current tab.

Reproduction:
0) download and extract 'tor-browser-gnu-linux-x86_64-2.2.39-5-dev-en-US' or any Tor Browser Bundle released since that version.
1) Start up Tor Browser with 'start-tor-browser' in 'tor-browser_en-US'
2) Proceed to: 'http://ip-check.info/?lang=en'
3) Click on the text "START TEST! Please click here to start the full anonymity test IP check and see all results."
4) Examine the attribute 'Tab name'.

Note that in previous versions of the Tor Browser Bundle this attribute is not traceable.

Child Tickets

Change History (8)

comment:1 Changed 5 years ago by rransom

Component: TorFirefox Patch Issues
Owner: set to mikeperry

comment:2 Changed 5 years ago by gk

This is a feature according to the currently available design documentation:

"n order to eliminate linkability but still allow for sites that utilize this property to function, we reset the window.name property of tabs in Torbutton every time we encounter a blank referer. This behavior allows window.name to persist for the duration of a link-driven navigation session, but as soon as the user enters a new URL or navigates between https/http schemes, the property is cleared." (https://www.torproject.org/projects/torbrowser/design/ section 3.5.8)

There might be plans to change that, though: https://trac.torproject.org/projects/tor/ticket/5273#comment:10 and there:

"2. We should only preserve window.name if the url bar domain remains the same. I could be convinced of this, but it's going to be trickier to implement and I think it's not really possible to remove linkability for user clicks in general."

comment:3 Changed 5 years ago by WDXfjqDN4QKGYrlY

This issue appears to be fixed in tor-browser-gnu-linux-x86_64-2.3.25-4-dev-en-US. At the very least the site is reporting it is functioning correctly for me.

comment:4 Changed 5 years ago by mikeperry

Resolution: not a bug
Status: newclosed

comment:5 Changed 4 years ago by arma

Resolution: not a bug
Status: closedreopened

Another user reported this one today. Apparently the output from the http://ip-check.info/?lang=en page makes them worried.

I wonder, if we're planning to call this not-a-bug on our side, if we should help the ip-check.info people change something on their end?

comment:6 Changed 3 years ago by erinn

Keywords: tbb-firefox-patch added

comment:7 Changed 3 years ago by erinn

Component: Firefox Patch IssuesTor Browser

comment:8 Changed 23 months ago by bugzilla

Keywords: window.name tab removed
Milestone: TorBrowserBundle 2.3.x-stable
Severity: Normal
Summary: defect: the 'window.name' attribute is traceable across sitesip-check.info: the 'window.name' attribute is traceable across sites
Version: Tor: 0.2.2.39

Propose closing as INVALID if the site is not right.

Note: See TracTickets for help on using tickets.