[tor-bugs] #22320 [Applications/Tor Browser]: Referrer not hidden when comming from a .onion address

[Tor Bug Tracker & Wiki]

#22320: Referrer not hidden when comming from a .onion address
--+--
 Reporter:  pege  |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 In TorBroswer 7.0a4, when leaving a .onion page for a clearnet page, the
 .onion address is sent as referrer.

 This should not be the case and has originally been disabled with
 [https://gitweb.torproject.org/tor-browser.git/commit/?h=tor-
 browser-45.8.0esr-6.5-2&id=09188cb14dfaa8ac22f687c978166c7bd171b576 this
 commit] and appears to have been
 [https://bugzilla.mozilla.org/show_bug.cgi?id=1305144 uplifted to Firefox]
 since. The `network.http.referer.hideOnionSource` preference is set to
 `true` but seems to have no effect.

 Steps to reproduce:
 1. Go to [https://3g2upl4pq6kufc4m.onion/ duckduckgo's onion page]
 2. enter any search term
 3. click on one of the result
 4. open the inspector observe the .onion referrer being send to the target
 page

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22320 [Applications/Tor Browser]: Referrer not hidden when comming from a .onion address

[Tor Bug Tracker & Wiki]

#22320: Referrer not hidden when comming from a .onion address
-+-
 Reporter:  pege |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201705R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  new => needs_review
 * cc: arthuredelstein (added)
 * keywords:   => ff52-esr, tbb-7.0-must, TorBrowserTeam201705R


Comment:

 It seems to me the Firefox patch is wrong. What we want to have is
 `network.http.referer.spoofOnionSource` and not
 `network.http.referer.hideOnionSource`. `bug_22320`
 (https://gitweb.torproject.org/user/gk/tor-
 browser.git/commit/?h=bug_22320&id=c3a849a2b5f57a4860c16975be9c12fed22ed910)
 in my public repo fixes that.

 pege: Does adding that preference fix the problem for you as well?
 Arthur: Assuming I am right could you open a Mozilla bug correcting the
 patch ("(use target URI as referer)" in `all.js` is wrong as well)?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22320 [Applications/Tor Browser]: Referrer not hidden when comming from a .onion address

[Tor Bug Tracker & Wiki]

#22320: Referrer not hidden when comming from a .onion address
-+-
 Reporter:  pege |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201705R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by pege):

 Yes, using `spoofOnionSource` does the trick. `hideOnionSource` would
 appear to be the more accurate name though. Doesn't look like anything is
 spoofed.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22320 [Applications/Tor Browser]: Referrer not hidden when comming from a .onion address

[Tor Bug Tracker & Wiki]

#22320: Referrer not hidden when comming from a .onion address
-+-
 Reporter:  pege |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201705R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arthuredelstein):

 Yes, this was an error on my part in the Firefox patch. It should have
 been "network.http.referer.hideOnionSource" in the whole patch. I will
 post a fixup here and also submit it to Mozilla. Sorry for the mistake.

 In the Mozilla patch, the decision was to hide the referrer, rather than
 spoofing it, when leaving an onion source.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22320 [Applications/Tor Browser]: Referrer not hidden when comming from a .onion address

[Tor Bug Tracker & Wiki]

#22320: Referrer not hidden when comming from a .onion address
-+-
 Reporter:  pege |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201705R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by tokotoko):

 * cc: fdsfgs@… (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22320 [Applications/Tor Browser]: Referrer not hidden when comming from a .onion address

[Tor Bug Tracker & Wiki]

#22320: Referrer not hidden when comming from a .onion address
-+-
 Reporter:  pege |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201705R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arthuredelstein):

 Here's the patch:
 https://github.com/arthuredelstein/tor-browser/commit/22320

 I manually tested this and confirmed that when the pref
 "network.http.referer.hideOnionSource" is true, no referer is sent in the
 headers when leaving an onion site. But when the pref is false, a referer
 containing the .onion domain is sent.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22320 [Applications/Tor Browser]: Referrer not hidden when comming from a .onion address

[Tor Bug Tracker & Wiki]

#22320: Referrer not hidden when comming from a .onion address
-+-
 Reporter:  pege |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201705R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arthuredelstein):

 The Mozilla bug is at
 https://bugzilla.mozilla.org/show_bug.cgi?id=1367564

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22320 [Applications/Tor Browser]: Referrer not hidden when comming from a .onion address

[Tor Bug Tracker & Wiki]

#22320: Referrer not hidden when comming from a .onion address
-+-
 Reporter:  pege |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201705R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by gk):

 Could you correct the comment in `all.js` as well (see comment:1) (in the
 Mozilla patch, too)? Apart from that looks good to me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22320 [Applications/Tor Browser]: Referrer not hidden when comming from a .onion address

[Tor Bug Tracker & Wiki]

#22320: Referrer not hidden when comming from a .onion address
-+-
 Reporter:  pege |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201705R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * cc: mcs, brade (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22320 [Applications/Tor Browser]: Referrer not hidden when comming from a .onion address

[Tor Bug Tracker & Wiki]

#22320: Referrer not hidden when comming from a .onion address
-+-
 Reporter:  pege |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201705R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arthuredelstein):

 Replying to [comment:7 gk]:
 > Could you correct the comment in `all.js` as well (see comment:1) (in
 the Mozilla patch, too)? Apart from that looks good to me.

 Good point. The comment was already corrected in
 https://bugzilla.mozilla.org/show_bug.cgi?id=1357247 but I didn't backport
 it until now.

 New patch with both comment and implementation fixed:
 https://github.com/arthuredelstein/tor-browser/commit/22320+1

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22320 [Applications/Tor Browser]: Referrer not hidden when comming from a .onion address

[Tor Bug Tracker & Wiki]

#22320: Referrer not hidden when comming from a .onion address
-+-
 Reporter:  pege |  Owner:  tbb-
 |  team
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201705R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by mcs):

 r=mcs
 I did not test the patch, but it looks correct to me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22320 [Applications/Tor Browser]: Referrer not hidden when comming from a .onion address

[Tor Bug Tracker & Wiki]

#22320: Referrer not hidden when comming from a .onion address
-+-
 Reporter:  pege |  Owner:  tbb-
 |  team
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  ff52-esr, tbb-7.0-must,  |  Actual Points:
  TorBrowserTeam201705R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Applied to `tor-browser-52.1.1esr-7.0-1` and `tor-browser-52.1.0esr-7.0-2`
 (commit 326e9aedfec184325ae95059d12e6b674bfa9013 and
 f59a7bc0288dcf5efaa71ebe8f591d7edea7b7b7).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs