The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2023-11-13T16:04:16Zhttps://gitlab.torproject.org/tpo/web/support/-/issues/338Improve on the differences between TB and using other browsers with a system Tor2023-11-13T16:04:16ZemmapeelImprove on the differences between TB and using other browsers with a system TorThe page https://support.torproject.org/tbb/tbb-9/ could have:
- More information about cookie isolation, no history, etc
- A better URL
- That graph with all the non-tor-related privacy features Tor Browser hasThe page https://support.torproject.org/tbb/tbb-9/ could have:
- More information about cookie isolation, no history, etc
- A better URL
- That graph with all the non-tor-related privacy features Tor Browser hashttps://gitlab.torproject.org/tpo/network-health/metrics/tor-check/-/issues/40015Get rid of gitweb tor-check reference2023-11-13T15:56:22ZGeorg KoppenGet rid of gitweb tor-check referenceGeorg KoppenGeorg Koppenhttps://gitlab.torproject.org/tpo/network-health/metrics/website/-/issues/40086Populate bridgedb-metrics entry on https://metrics.torproject.org/collector.html2023-11-13T15:56:01ZGeorg KoppenPopulate bridgedb-metrics entry on https://metrics.torproject.org/collector.htmlWe have https://metrics.torproject.org/collector.html#bridgedb-metrics but there is nothing explained on how we parse or deal with those metrics. The spec for that is https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/blob/main...We have https://metrics.torproject.org/collector.html#bridgedb-metrics but there is nothing explained on how we parse or deal with those metrics. The spec for that is https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/blob/main/doc/bridgedb-metrics-spec.txt. We should look over our code and compare it to the spec and make sure both match and then document the steps on collector.html.Georg KoppenGeorg Koppenhttps://gitlab.torproject.org/tpo/web/support/-/issues/203add explanation about disabled Master Password, on support portal or ideally ...2023-11-13T13:44:30Zemmapeeladd explanation about disabled Master Password, on support portal or ideally in tor browser itselfA user entered today on the irc asking how could they add a master password to the Tor Browser. It seems a common doubt for new users.
Proposal:
- Maybe it will be good to have an official explanation on our Support portal about why the...A user entered today on the irc asking how could they add a master password to the Tor Browser. It seems a common doubt for new users.
Proposal:
- Maybe it will be good to have an official explanation on our Support portal about why there is no master password in Tor Browser?
From the Tor Browser Design Draft (https://2019.www.torproject.org/projects/torbrowser/design/):
We disable the password saving functionality in the browser as part of our Disk Avoidance requirement. However, since users may decide to re-enable disk history records and password saving, we also set the signon.autofillForms preference to false to prevent saved values from immediately populating fields upon page load. Since JavaScript can read these values as soon as they appear, setting this preference prevents automatic linkability from stored passwords.
(we should write a more simple answer)https://gitlab.torproject.org/tpo/web/support/-/issues/332tbb-firewall-ports link from "the firewalled-clients FAQ entry" is out of date2023-11-13T06:42:49ZEliastbb-firewall-ports link from "the firewalled-clients FAQ entry" is out of dateFAQ pages > I'm behind a NAT/Firewall > the firewalled-clients FAQ entry: https://support.torproject.org/tbb/tbb-firewall-ports/
The first suggestion, to visit portforward.com is bad. Portforward simply wants to sell janky software. ...FAQ pages > I'm behind a NAT/Firewall > the firewalled-clients FAQ entry: https://support.torproject.org/tbb/tbb-firewall-ports/
The first suggestion, to visit portforward.com is bad. Portforward simply wants to sell janky software. Their trial version is not helpful; their site does little to help someone with complicated firewall issues.
The second suggestion is out of date: Adding "FascistFirewall 1" or "ReachableOR Addresses/ReachableDir Addresses" to torrc produces error messages and blocks startup.
Error message example:
Nov 08 03:50:33 DietPi tor[4265]: Nov 08 03:50:33.820 [notice] Read configuration file "/etc/tor/torrc".
Nov 08 03:50:33 DietPi tor[4265]: Nov 08 03:50:33.823 [warn] The ReachableDirAddresses option is deprecated, and will most likely be removed in a future version of Tor. It has no effect on relays, and has had no effect on clients since 0.2.8. (If you think this is a mistake, please let us know!)
Nov 08 03:50:33 DietPi tor[4265]: Nov 08 03:50:33.824 [warn] Failed to parse/validate config: Servers must be able to freely connect to the rest of the Internet, so they must not set Reachable*Addresses or FascistFirewall or FirewallPorts or ClientUseIPv4 0.
The firewalled FAQ web page is pretty useless at this point. Should be updated.https://gitlab.torproject.org/tpo/web/support/-/issues/181Add to FAQ section "Is it worth upgrading my Tor Relay"2023-11-13T05:22:53ZBurnleydevAdd to FAQ section "Is it worth upgrading my Tor Relay"Saw this question **"Is it worth upgrading my Tor Relay"** on reddit.com/r/Tor. It's worth adding it to the FAQ section to help others.Saw this question **"Is it worth upgrading my Tor Relay"** on reddit.com/r/Tor. It's worth adding it to the FAQ section to help others.https://gitlab.torproject.org/tpo/web/support/-/issues/178Support Portal: How to Access an Onion Service2023-11-13T05:06:00ZSehrish AslamSupport Portal: How to Access an Onion ServiceNote: Came across a user asking for help on Reddit on "How to setup .onion website".
On [Support Portal](https://support.torproject.org/) under [Onion Services](https://support.torproject.org/onionservices/) two important titles must b...Note: Came across a user asking for help on Reddit on "How to setup .onion website".
On [Support Portal](https://support.torproject.org/) under [Onion Services](https://support.torproject.org/onionservices/) two important titles must be added.
1. How To Access an Onion Service with a brief introduction and link to [HOW TO ACCESS AN ONION SERVICE](https://tb-manual.torproject.org/onion-services/)
2. How to Configure Onion Services for Tor with link to [How to Configure Onion Services for Tor](https://2019.www.torproject.org/docs/tor-onion-service.html.en)
IMHO, in order to make website UX/UI friendly links must be added so users find required information without any trouble. Although there is a separate page under [User Manual](https://tb-manual.torproject.org/about/) about [Onion Services](https://tb-manual.torproject.org/onion-services/) but I believe these two must be linked together.
Additionally, [Onion Services](https://support.torproject.org/glossary/) entry in Glossary must also include link to detailed description on [Onion Services](https://tb-manual.torproject.org/onion-services/)
@gus if you approve these suggestion I can work on this.https://gitlab.torproject.org/tpo/web/support/-/issues/148Bad instructions in Support Portal, "How can I verify Tor Browser's signature...2023-11-12T20:12:24ZTracBad instructions in Support Portal, "How can I verify Tor Browser's signature?", discourage, deter, and prevent users on macOS from verifying the Signature of downloaded Tor Browser packagesPlatform: Tor Browser 8.5.5 on macOS Mojave 10.14.6
Users on macOS who rely solely on and adhere to the crucial Support Portal instructions currently appearing in [How can I verify Tor Browser's signature?](https://support.torproject.or...Platform: Tor Browser 8.5.5 on macOS Mojave 10.14.6
Users on macOS who rely solely on and adhere to the crucial Support Portal instructions currently appearing in [How can I verify Tor Browser's signature?](https://support.torproject.org/tbb/how-to-verify-signature/) never will be able to use the Tor Browser Developer's signing key to verify the Signature of a downloaded Tor Browser package.
"How can I verify Tor Browser's signature?" instructions contain misinformed, inaccurate, and incomplete instructions for users on macOS needing to use the Tor Developer's Signing key (".asc" file) to verify the Signature of a downloaded Tor Browser package (".dmg" file).
The crucial "How can I verify Tor Browser's signature?" instructions for users on Windows and GNU/Linux to verify the Signature of a downloaded Tor Browser package DO NOT WORK for users on macOS.
The current "How can I verify Tor Browser's signature?" documentation instructs users on macOS, Windows, and GNU/Linux, to enter a command with `gpgv --keyring ./tor.keyring` in the command line, and the command looks something like the following command to verify the Signature of a downloaded Tor Browser package, but a command with `gpgv --keyring ./tor.keyring` in the command line DOES NOT WORK for users on macOS:
`gpgv --keyring ./tor.keyring ~/Downloads/TorBrowser-8.5.4-osx64_en-US.dmg{.asc,}`
For users on macOS, the preceding command or other similar command using `gpgv --keyring ./tor.keyring` in the command line returns the following message:
`gpgv: keyblock resource './tor.keyring': No such file or directory`
`gpgv: no valid OpenPGP data found.`
`gpgv: the signature could not be verified.`
`Please remember that the signature file (.sig or .asc)`
`should be the first file given on the command line.`
For users on macOS, attempts to verify the Signature of a downloaded Tor Browser package by using `gpgv --keyring .\tor.keyring` in the command line will fail.
For users on macOS, the `gpg --verify` command must appear in the command line for verification of the Signature of a downloaded Tor Browser package to be successful. The example below assumes the user has downloaded the Tor Browser package (".dmg") file and the PGP Signature (".asc") file to the "Downloads" folder.
Users on macOS use the command with the following form, and `gpg --verify` appears in the command line to verify the Signature of a downloaded Tor Browser package:
`gpg --verify ~/Downloads/TorBrowser-8.5.5-osx64_en-US.dmg.asc /Downloads/TorBrowser-8.5.5-osx64_en-US.dmg`
For users on macOS, the `TorBrowser-8.5.5-osx64_en-US.dmg.asc` entry must precede the `TorBrowser-8.5.5-osx64_en-US.dmg` entry on the command line; the preceding command successfully verifies the Signature of the downloaded Tor Browser package by returning the following message:
`gpg: Signature made Tue Sep 3 06:07:30 2019 PDT`
`gpg: using RSA key EB774491D9FF06E2`
`gpg: Good signature from "Tor Browser Developers (signing key) <torbrowser@torproject.org>"`
"How can I verify Tor Browser's signature?" instructions should be edited accordingly and should have the additional instructions below necessary for users on macOS relying solely on "How can I verify Tor Browser's signature?" instructions to use the Tor Developer's Signing key to verify the Signature of a downloaded Tor Browser package.
----
In the subsection "Fetching the Tor Developers key" in "How can I verify Tor Browser's signature?, the content should present something like the following instructions for the benefit of all users on macOS:
The Tor Browser team signs Tor Browser releases.
Import the Tor Browser Developers signing key (0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290):
`gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org`
After importing the Tor Browser Developers signing key, users can take the additional step of saving it to a file by entering the following command:
`gpg --output ./tor.keyring --export 0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290`
On macOS, by default, the preceding export command saves the Tor Browser Developers key in the following file:
`~/Users/<user name>/tor.keyring`
----
For users on macOS, the subsection "Verifying the signature" in "How can I verify Tor Browser's signature?" contains misinformed and incomplete instructions. These instructions should be edited for the benefit of users on macOS and should include the additional instructions below, crucial for users on macOS relying solely on "How can I verify Tor Browser's signature?" instructions to use the Tor Developer's Signing key to verify the Signature of a downloaded Tor Browser package.
The "Verifying the signature" subsection presently contains the following information, which confusingly applies the information to users on Windows, GNU/Linux, and macOS, but in reality the information does not apply accurately to users on macOS:
Each file on our download page is accompanied by a file with the same name as the package and the extension ".asc"
The preceding inaccurate information causes confusion for users on macOS and acts as a deterrent and a stumbling block for users on macOS, thereby discouraging, thwarting, or preventing users on macOS from using the Tor Developer's Signing key to verify the Signature of a downloaded Tor Browser package.
In the subsection "Verifying the signature?" in "How can I verify Tor Browser's signature?", something that looks like the following content justifiably merits inclusion in the instructions so that users on macOS relying solely on "How can I verify Tor Browser's signature?" instructions can receive the crucial benefit of using the Tor Developer's Signing key to verify the Signature of a downloaded Tor Browser package:
After a macOS user downloads the Tor Browser package (".dmg" file), the user downloads the Signature file corresponding with the downloaded Tor Browser installer package.
For users on macOS, on the Tor Browser [Download page](https://www.torproject.org/download/), clicking on the "Sig" or "(sig)" link that corresponds with the downloaded Tor Browser package will open an additional tab in the Tor Browser window, and the window content will include only a block of text, which is the PGP Signature itself.
Users on macOS must save the block of text (the PGP Signature) as an ".asc" file.
In the Tor Browser menu bar, users on macOS select "File > Save Page As", which will open a Finder-save window.
In the Finder-save window, a file name that looks something like `TorBrowser-8.5.5-osx64_en-US.dmg.asc`, will self-populate in the space bar on the right side of "Save As:".
If the name of the self-populated file looks something like `TorBrowser-8.5.5-osx64_en-US.dmg`, the user must type ".asc" file extension at the end of the file name to make it look something like `TorBrowser-8.5.5-osx64_en-US.dmg.asc`.
In the Finder-save window, the user selects a folder to save the Signature (".asc") file and saves it in the same folder where the downloaded Tor Browser package (".dmg") file was saved, e.g., in the "Desktop" folder or the "Downloads" folder.
The user customarily always should save the PGP Signature (".asc") file in the same folder where the user saved the downloaded Tor Browser package (".dmg" file).
The downloaded Tor Browser package itself will have a file name that looks something like `TorBrowser-8.5.5-osx64_en-US.dmg`.
----
The important content below justifiably merits inclusion in the instructions in the "How can I verify Tor Browser's signature?" section for users on macOS to use the Tor Developer's Signing key to verify the Signature of a downloaded Tor Browser package.
For users on macOS who have installed GPGTools and have imported the Tor Browser Developers key into GPG Keychain, the following instructions allow users to verify the Signature of each downloaded Tor Browser package quickly without having to use terminal commands each time the user downloads a fresh updated or upgraded Tor Browser package (".dmg file) and its corresponding Signature ("Sig") file:
When the downloaded Tor Browser package (".dmg") file and its corresponding Signature (".asc") file are saved in the same folder, users on macOS can double-click on the ".asc" file to open the "Verification Results" window. A successful verification will display in the "Verification Results" window a message that looks something like the following:
`TorBrowser-8.5.5-osx64_en-US.dmg.asc Signed by: Tor Browser Developers (signing key) <torbrowser@torproject.org> (1107 75B5 D101 FB36 BC6C 911B EB77 4491 D9FF 06E2) - Ultimate trust`
The term "Ultimate trust" will appear at the end of the preceding message only if the user on macOS has assigned "Ownertrust: Ultimate" in GPG Keychain > pub...Tor Browser Developers...4E2C 6E87 9329 8290 > Key Details > Key.
Before assigning "Ultimate trust", it is crucial for users on macOS to confirm that the Key Fingerprint and Subkey Fingerprint appearing in the GPG Keychain window match the corresponding Key Fingerprint and Subkey Fingerprint appearing in the official Tor Project [list of signing keys](https://2019.www.torproject.org/docs/signing-keys.html.en).
----
After the "How can I verify Tor Browser's signature? instructions are edited as described, users on macOS who rely solely on "How can I verify Tor Browser's signature?" documentation will be able to use the Tor Developer's Signing key to verify the Signature of a downloaded Tor Browser package, thereby reducing the chances of users on macOS unknowingly or unwittingly installing Tor Browser packages that might contain corrupted files and/or malware.
Shouldn't we make it both possible and easier for all users, including users on macOS, to verify Tor Browser's signature?
In the "How can I verify Tor Browser's signature?" section, can we edit the instructions as described so users on macOS relying solely on "How can I verify Tor Browser's signature?" documentation can use the Tor Browser Developer's signing key to verify the Signature each time a user on macOS downloads a fresh Tor Browser package.
[#31296 reopened defect](https://trac.torproject.org/projects/tor/ticket/31296)
[#31254 closed defect (fixed)](https://trac.torproject.org/projects/tor/ticket/31254)
**Trac**:
**Username**: monmireebanamebanam@torproject.orgebanamebanam@torproject.orghttps://gitlab.torproject.org/tpo/web/support/-/issues/90Improve verifying signatures instructions, especially on Windows2023-11-12T20:12:23ZHiroImprove verifying signatures instructions, especially on WindowsFrom: https://trac.torproject.org/projects/tor/ticket/33529
The instructions on verifying signatures at https://support.torproject.org/tbb/how-to-verify-signature/ should be clearer and more concise.
A frontdesk email reads:
"In orde...From: https://trac.torproject.org/projects/tor/ticket/33529
The instructions on verifying signatures at https://support.torproject.org/tbb/how-to-verify-signature/ should be clearer and more concise.
A frontdesk email reads:
"In order to verify the integrity of the Tor browser installation file, you recommend downloading GPG4win, but then your instructions for Windows say to use a command line command that is not included with that package, and there are no instructions on how to use the GUI to verify the package (or which GUI to use, since there are at least two included in GPG4win).
https://support.torproject.org/tbb/how-to-verify-signature/
Trying to import the asc file into Kleopatra or the GNU Privacy Assistant results in a message saying that 0 certificates were imported, or no keys were found.
What's more, there is a confusing reference to the " Tor Browser Developers signing key (0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290)". Is this the key I'm supposed to be using for verification? This doesn't appear to be a PGP public key.
There's also a statement that suggests that the PGP public key file is automatically downloaded with the installation package, but it's not. "Each file on our download page is accompanied by a file with the same name as the package and the extension ".asc"." The download page does not show file names, and using the download link on the download page only downloads the exe file."https://gitlab.torproject.org/tpo/community/policies/-/issues/3Setup GitLab Pages for the Policies repository2023-11-12T17:56:06ZSilvio RhattoSetup GitLab Pages for the Policies repositoryWe could easily convert the text files to markdown and use something like [Onion MkDocs](https://gitlab.torproject.org/rhatto/onion-mkdocs) to render a fancy version of the policies repository.We could easily convert the text files to markdown and use something like [Onion MkDocs](https://gitlab.torproject.org/rhatto/onion-mkdocs) to render a fancy version of the policies repository.GusGushttps://gitlab.torproject.org/tpo/web/support/-/issues/224Add "Does Tor resist "remote physical device fingerprinting"?"2023-11-12T01:32:02ZGusAdd "Does Tor resist "remote physical device fingerprinting"?"We need to update this answer.
---
Yes, we resist all of these attacks as far as we know.
These attacks come from examining characteristics of the IP headers or TCP headers and looking for information leaks based on individual hardware...We need to update this answer.
---
Yes, we resist all of these attacks as far as we know.
These attacks come from examining characteristics of the IP headers or TCP headers and looking for information leaks based on individual hardware signatures. One example is the Oakland 2005 paper that lets you learn if two packet streams originated from the same hardware, but only if you can see the original TCP timestamps.
Tor transports TCP streams, not IP packets, so we end up automatically scrubbing a lot of the potential information leaks. Because Tor relays use their own (new) IP and TCP headers at each hop, this information isn't relayed from hop to hop. Of course, this also means that we're limited in the protocols we can transport (only correctly-formed TCP, not all IP like ZKS's Freedom network could) -- but maybe that's a good thing at this stage.
https://2019.www.torproject.org/docs/faq.html.en#RemotePhysicalDeviceFingerprintinghttps://gitlab.torproject.org/tpo/web/support/-/issues/229Add "You should split each connection over many paths"2023-11-12T01:26:32ZGusAdd "You should split each connection over many paths"The answer should mention Network Team new research about traffic congestion.
https://2019.www.torproject.org/docs/faq.html.en#SplitEachConnection
We don't currently think this is a good idea. You see, the attacks we're worried about a...The answer should mention Network Team new research about traffic congestion.
https://2019.www.torproject.org/docs/faq.html.en#SplitEachConnection
We don't currently think this is a good idea. You see, the attacks we're worried about are at the endpoints: the adversary watches Alice (or the first hop in the path) and Bob (or the last hop in the path) and learns that they are communicating.
If we make the assumption that timing attacks work well on even a few packets end-to-end, then having *more* possible ways for the adversary to observe the connection seems to hurt anonymity, not help it.
Now, it's possible that we could make ourselves more resistant to end-to-end attacks with a little bit of padding and by making each circuit send and receive a fixed number of cells. This approach is more well-understood in the context of high-latency systems. See e.g. Message Splitting Against the Partial Adversary by Andrei Serjantov and Steven J. Murdoch.
But since we don't currently understand what network and padding parameters, if any, could provide increased end-to-end security, our current strategy is to minimize the number of places that the adversary could possibly see.https://gitlab.torproject.org/tpo/community/policies/-/issues/12Rename gitlab branch master -> main2023-11-10T19:06:47ZGusRename gitlab branch master -> mainSilvio RhattoSilvio Rhattohttps://gitlab.torproject.org/tpo/onion-services/onionprobe/-/issues/83Include slides in GitLab pages2023-11-10T18:46:51ZSilvio RhattoInclude slides in GitLab pagesInclude the CI-generated slides in GitLab pages.
[This approach](https://gitlab.torproject.org/tpo/community/training/-/blob/12374bdc65b286ba7be3fd7ac1c513cf15a0e555/.gitlab-ci-pages.yml) can be used:
```yaml
pages:
image: debian:boo...Include the CI-generated slides in GitLab pages.
[This approach](https://gitlab.torproject.org/tpo/community/training/-/blob/12374bdc65b286ba7be3fd7ac1c513cf15a0e555/.gitlab-ci-pages.yml) can be used:
```yaml
pages:
image: debian:bookworm
needs:
- job: slides
artifacts: true
script:
- [...]
- rsync -av --prune-empty-dirs --include='*/' --include='*.pdf' --exclude='*' slides/ public/
```https://gitlab.torproject.org/tpo/onion-services/onionplan/-/issues/26Use CI to build the slides2023-11-10T18:46:51ZSilvio RhattoUse CI to build the slidesUse CI to build slides, and include them in the GitLab pages. Similar to tpo/onion-services/onionprobe#83.Use CI to build slides, and include them in the GitLab pages. Similar to tpo/onion-services/onionprobe#83.https://gitlab.torproject.org/tpo/network-health/metrics/onionoo/-/issues/40040Get rid of gitweb reference2023-11-10T15:19:56ZGeorg KoppenGet rid of gitweb referenceGeorg KoppenGeorg Koppenhttps://gitlab.torproject.org/tpo/web/support/-/issues/211Add question "Why are v3 onion addresses so long?"2023-11-10T00:05:28ZGusAdd question "Why are v3 onion addresses so long?"
```
Since v3 onion services contain full public keys, they are secure against enumeration attacks. Also, the length makes the keys secure against collision attacks.
The v2 protocol has the following issues that v3 keys solve:
An adver...
```
Since v3 onion services contain full public keys, they are secure against enumeration attacks. Also, the length makes the keys secure against collision attacks.
The v2 protocol has the following issues that v3 keys solve:
An adversary who runs a relay on the Tor network can slowly learn a list of all the v2 onion services, via the v2 HSDir system.
An adversary who can factor 1024-bit RSA keys can impersonate a v2 onion service.
An adversary who can generate around 2^40 RSA keys can expect to generate two that correspond to the same onion address (a collision attack).
(There are other attacks against the v2 protocol as well that aren’t related to the keys.)
We'd like to keep using shorter addresses, but we can’t build a secure protocol that way.
```https://gitlab.torproject.org/tpo/web/support/-/issues/216Add "Is there a list of default exit ports?" to operators section2023-11-09T23:50:53ZGusAdd "Is there a list of default exit ports?" to operators sectionUpdate this answer:
```
The default open ports are listed below but keep in mind that, any port or ports can be opened by the relay operator by configuring it in torrc or modifying the source code. The default according to src/or/policie...Update this answer:
```
The default open ports are listed below but keep in mind that, any port or ports can be opened by the relay operator by configuring it in torrc or modifying the source code. The default according to src/or/policies.c from the source code release tor-0.2.4.16-rc:
reject 0.0.0.0/8
reject 169.254.0.0/16
reject 127.0.0.0/8
reject 192.168.0.0/16
reject 10.0.0.0/8
reject 172.16.0.0/12
reject *:25
reject *:119
reject *:135-139
reject *:445
reject *:563
reject *:1214
reject *:4661-4666
reject *:6346-6429
reject *:6699
reject *:6881-6999
accept *:*
A relay will block access to its own IP address, as well local network IP addresses. A relay always blocks itself by default. This prevents Tor users from accidentally accessing any of the exit operator's local services.
```https://gitlab.torproject.org/tpo/community/l10n/-/issues/40120Fix text direction for commands in RTL pages2023-11-09T19:11:36ZemmapeelFix text direction for commands in RTL pagesWhen we add latin characters for commands in RTL pages, they are identified as being LTR and displayed almost correctly.
Almost, because when they have neutral-direction characters, those are still layered as RTL, and so, many commands ...When we add latin characters for commands in RTL pages, they are identified as being LTR and displayed almost correctly.
Almost, because when they have neutral-direction characters, those are still layered as RTL, and so, many commands are broken and will not work if copied by the users:
![Screenshot_from_2023-10-13_10-57-49](/uploads/4993334ae16eaa0e064423d9e2e6947d/Screenshot_from_2023-10-13_10-57-49.png) ![Screenshot_from_2023-10-13_10-57-21](/uploads/d78dd206ff6c4730e9d55fb5d8b90069/Screenshot_from_2023-10-13_10-57-21.png)
If we insert UTF-8 embedded direction characters, many times they are removed because they are fishy (for example, they will be removed from the page if you edit it in the gitlab editor).
So I think we can try to solve this by giving the `<code>` style a forced LTR direction. This will probably make sense to do in lego, but I will try on one lektor before to see if it works.Jérôme Charaouilavamind@torproject.orgJérôme Charaouilavamind@torproject.orghttps://gitlab.torproject.org/tpo/tpa/team/-/issues/41384Deploy community policies mkdocs build2023-11-08T23:50:58ZGusDeploy community policies mkdocs buildHi,
We're generating the Tor Community policies (https://tpo.pages.torproject.net/community/policies) pages using GitLab-CI + GitLab pages.
Please create `policies.torproject.org` subdomain and redirect to https://tpo.pages.torproject...Hi,
We're generating the Tor Community policies (https://tpo.pages.torproject.net/community/policies) pages using GitLab-CI + GitLab pages.
Please create `policies.torproject.org` subdomain and redirect to https://tpo.pages.torproject.net/community/policiesJérôme Charaouilavamind@torproject.orgJérôme Charaouilavamind@torproject.org