The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2021-07-09T17:30:28Zhttps://gitlab.torproject.org/tpo/core/tor/-/issues/40100Mixing long lived streams with shorter connections causes hidden tor service ...2021-07-09T17:30:28Ztubby-torMixing long lived streams with shorter connections causes hidden tor service name (.onion) resolution/routing failuresFrom one single tor instance with default settings and a single client address, long-lived streams to some .onion addresses seems to eventually break name resolution/routing to other .onion addresses that are short-lived connections.
Fo...From one single tor instance with default settings and a single client address, long-lived streams to some .onion addresses seems to eventually break name resolution/routing to other .onion addresses that are short-lived connections.
For example:
- Copy a large file over ssh from Client to server a.onion, b.onion, c.onion. (simultaneously for several hours)
- Connect to server d.onion, e.onion, f.onion for a few commands, then disconnect several times during the long running streams.
Eventually and intermittently, connections to d.onion, e.onion, f.onion fail on the client-side only.
Tests to isolate the problem:
- Testing the connections from another clients works, confirming that the servers d.onion, e.onion, f.onion are still up and it is a problem with the client-side tor
- Forcing a `SIGNAL NEWNYM` on the client corrects the problem and the client can subsequently connect to d.onion, e.onion, f.onion. The bad side-effect is that all the long-running streams are disconnected (of course).
- Forcing very aggressive circuit rebuilding on the client-side tor mostly solves the problem but also causes more disconnection of streams. I haven't been able to isolate further which one of these options is actually fixing the problem, but providing these are further information for others.
```
KeepalivePeriod 1
LongLivedPorts
MaxCircuitDirtiness 30
NewCircuitPeriod 30
```
- Stream Isolation `SocksPort ... IsolateDestAddr` did NOT seem to help.
I suspect that stale circuits are remaining opened for the long-running streams and that even though they keep streaming, they can no longer resolve/route new .onion requests and thus fail.
I think that tor with default configuration should be robust in these situations and there should not be an obscure .onion name resolution/routing failre to connect to hosts. Most users will not be able to diagnose such a situation and will also have trouble resolving it, ultimately giving the impression that .onion services are unreliable, regardless of whether it is .onion server side failure or client side .onion name resolution or routing failure.
I am not specifically looking for a solution, since I have many workarounds, simply trying to report the issue in a way that may help the tor project.
I have NOT tested the same problem using clearnet IP or domain name based servers, so I cannot report if it is specific to .onion or more general to all client-side tor circuits.David Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40068Make it easier to report bugs2022-02-03T19:06:45ZiotaMake it easier to report bugsHi there,
I've reported my first bug today, and the path is quite tricky. Here are two proposal to make it easier:
- make it possible to search the documentation on https://support.torproject.org
- add a reference to this bug tracker i...Hi there,
I've reported my first bug today, and the path is quite tricky. Here are two proposal to make it easier:
- make it possible to search the documentation on https://support.torproject.org
- add a reference to this bug tracker in the footer. There is a link pointing to github, but a link to https://gitlab.torproject.org is missing
Keep on the good work!
Cheershttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40067Tor Browser's letterboxing wastes too much screen space in some cases2022-02-03T19:07:02ZiotaTor Browser's letterboxing wastes too much screen space in some casesHi there,
the letterboxing feature was introduced a month ago in [Tails](https://tails.boum.org), and in some cases **an important part of the screen is wasted**, as you can see here:
![letterboxing](/uploads/0a68df5ce3ba676fac0e809a86...Hi there,
the letterboxing feature was introduced a month ago in [Tails](https://tails.boum.org), and in some cases **an important part of the screen is wasted**, as you can see here:
![letterboxing](/uploads/0a68df5ce3ba676fac0e809a8698f783/letterboxing.png)
(see the margin at the bottom)
It would be great to reconsider default dimensions (see #30556) or to allow *one-click* opt-out
Thanks for your highly valuable work!https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40056ensure that lazy <img> loading does not add a fingerprinting vector2022-07-12T16:53:53ZMark Smithensure that lazy <img> loading does not add a fingerprinting vectorFrom #33534: Firefox 75 added support for the `loading` attribute of HTML `<img>` elements. This string value can be used to specify that the image should be lazily loaded, by setting its value to `lazy`. This could allow sites to track ...From #33534: Firefox 75 added support for the `loading` attribute of HTML `<img>` elements. This string value can be used to specify that the image should be lazily loaded, by setting its value to `lazy`. This could allow sites to track a user's scrolling behavior and use it for fingerprinting. Maybe that is OK since:
1. Similar tracking is already possible via other mechanisms when JavaScript is enabled.
2. The lazy loading feature is supposedly disabled when JavaScript is disabled.
We should confirm.
https://bugzilla.mozilla.org/show_bug.cgi?id=1542784 \
"Support `<img loading="lazy">` lazy-loading"https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake-webext/-/issues/2Snowflake no longer working on Google Chrome2021-02-19T14:08:50ZcypherpunksSnowflake no longer working on Google ChromeExtension icon disappeared and cannot enable Snowflake in Google Chrome.Extension icon disappeared and cannot enable Snowflake in Google Chrome.https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/26895'Error downloading build result' after GCC in container Tor Browser Bundle Bu...2022-08-02T15:31:54ZTrac'Error downloading build result' after GCC in container Tor Browser Bundle Build (rbm)... most descriptive error ever ocurred in the world $ make
git submodule update --init
./rbm/rbm build release --target release --target torbrowser-all
Building project tor-browser - tor-browser-8.0a9-linux-x86_64-58eca3
Using file out/container-image/container-image_w... $ make
git submodule update --init
./rbm/rbm build release --target release --target torbrowser-all
Building project tor-browser - tor-browser-8.0a9-linux-x86_64-58eca3
Using file out/container-image/container-image_wheezy-amd64-df3a332e7b34.tar.gz
Building project firefox - firefox-a0efd2fcd6e9-linux-x86_64-0974b5
Tag tor-browser-60.1.0esr-8.0-1-build2 is signed with key 35CD74C24A9B15A19E1A81A194373AA94B7C3223
Created tmp/rbm-mgl5M/firefox-a0efd2fcd6e9.tar.gz
Using file out/container-image/container-image_wheezy-amd64-279bd3a261cd.tar.gz
Building project gcc - gcc-6.4.0-3098e6.tar.gz
Using file out/container-image/container-image_wheezy-amd64-2bf0a6561acb.tar.gz
Using file out/gcc/gcc-6.4.0.tar.xz
[sudo] password for $USER:
Build log: logs/gcc-linux-x86_64.log
[sudo] password for $USER:
Error: Error downloading build result
make: *** [Makefile:6: release] Error 1
Thats the log on the screen...
**Trac**:
**Username**: kfseapersonhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/26877Declare gcc version in rbm.conf2021-08-18T08:57:02ZSukhbir SinghDeclare gcc version in rbm.confWe declare the `gcc` version (currently set to `6.4.0`) in multiple places:
```
projects/gcc/config:version: 6.4.0
```
```
projects/mingw-w64/config: gcc_version: 6.4.0
```
We should probably define it in `rbm.conf` instead and then ...We declare the `gcc` version (currently set to `6.4.0`) in multiple places:
```
projects/gcc/config:version: 6.4.0
```
```
projects/mingw-w64/config: gcc_version: 6.4.0
```
We should probably define it in `rbm.conf` instead and then refer to that. (This may also be relevant for legacy/trac#25485).https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/23688Add GitLab CI script2021-08-16T20:44:30ZTracAdd GitLab CI scriptAs [suggested and merged for tor](https://trac.torproject.org/projects/tor/ticket/22891) I'd like to propose a GitLab CI script for Tor Browser. My intention to be able to build `tor-browser-bundle` locally which I tried for some time an...As [suggested and merged for tor](https://trac.torproject.org/projects/tor/ticket/22891) I'd like to propose a GitLab CI script for Tor Browser. My intention to be able to build `tor-browser-bundle` locally which I tried for some time and failed because of error which I hope will be brought to the attention of devs automatically rather than after painful reports.
The script currently uses Ubuntu 17.04 only, but since GitLab CI is based on Docker images, the number of possible OS to test on is basically infinite.
**Trac**:
**Username**: krichterhttps://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/18497Check that MAR signing is done properly on the files available in the update ...2023-01-31T20:39:12ZboklmCheck that MAR signing is done properly on the files available in the update responsesIn legacy/trac#18405 we are adding a script to be used during the release process to check that the MAR files are properly signed. We could have an other one that is doing the same things on the files currently proposed as an update. Thi...In legacy/trac#18405 we are adding a script to be used during the release process to check that the MAR files are properly signed. We could have an other one that is doing the same things on the files currently proposed as an update. This would allow someone to easily check (maybe as a cron job) that the updates currently available are the same as the ones in the sha256sums-unsigned-build files.
In tools/update-responses/check_update_responses_deployement we have a script that currently check that the update responses xml provides the expected version. I think I could extend it to also download the mar files it provides, unsign them and check that they match sha256sums-unsigned-build.txt.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/34192It Just Does Not Work2021-07-09T14:43:41ZTracIt Just Does Not WorkTor worked like a breeze for me a few months ago. Now I cannot even get it to start.
Something is serious fucked up with this latest version of the browser, and there is **no good information out there** on what to do about it. Gibb...Tor worked like a breeze for me a few months ago. Now I cannot even get it to start.
Something is serious fucked up with this latest version of the browser, and there is **no good information out there** on what to do about it. Gibberish and nonsense.
Please post a **plain-English** solution to this problem.
No, I do not use a proxy, I am not in a country where Tor is censored, and there is absolutely nothing wrong with my system clock.
OS: **Windows 7**
Tor Version: **9.0.10**
Log:
5/12/20, 13:23:34.321 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
5/12/20, 13:23:34.321 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
5/12/20, 13:23:34.321 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
5/12/20, 13:23:34.322 [NOTICE] Opening Socks listener on 127.0.0.1:9150
5/12/20, 13:23:34.322 [NOTICE] Opened Socks listener on 127.0.0.1:9150
5/12/20, 13:23:34.322 [NOTICE] Renaming old configuration file to "E:\Tor Browser\Browser\TorBrowser\Data\Tor\torrc.orig.1"
5/12/20, 13:23:34.322 [NOTICE] Bootstrapped 5% (conn): Connecting to a relay
5/12/20, 13:24:58.291 [WARN] Problem bootstrapping. Stuck at 5% (conn): Connecting to a relay. (Connection timed out [WSAETIMEDOUT ]; TIMEOUT; count 10; recommendation warn; host 847B1F850344D7876491A54892F904934E4EB85D at 86.59.21.38:443)
5/12/20, 13:24:58.291 [WARN] 9 connections have failed:
5/12/20, 13:24:58.291 [WARN] 9 connections died in state connect()ing with SSL state (No SSL object)
5/12/20, 13:24:58.299 [WARN] Problem bootstrapping. Stuck at 5% (conn): Connecting to a relay. (Connection timed out [WSAETIMEDOUT ]; TIMEOUT; count 11; recommendation warn; host FFA72BD683BC2FCF988356E6BEC1E490F313FB07 at 193.11.164.243:9001)
5/12/20, 13:24:58.299 [WARN] 10 connections have failed:
5/12/20, 13:24:58.299 [WARN] 10 connections died in state connect()ing with SSL state (No SSL object)
5/12/20, 13:24:58.299 [NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150
5/12/20, 13:24:58.299 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
5/12/20, 13:24:59.290 [NOTICE] Delaying directory fetches: DisableNetwork is set.
**Trac**:
**Username**: WR Smithhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/34144user.js is ignored after Tor (part) starts2022-02-03T19:07:02ZTracuser.js is ignored after Tor (part) startsSteps to reproduce:
1)
create file Browser/TorBrowser/Data/Browser/profile.default/user.js with contents:
// blank 1st line
user_pref("javascript.enabled", false);
user_pref("app.update.auto", false);
2)
Start Tor and wait for Tor con...Steps to reproduce:
1)
create file Browser/TorBrowser/Data/Browser/profile.default/user.js with contents:
// blank 1st line
user_pref("javascript.enabled", false);
user_pref("app.update.auto", false);
2)
Start Tor and wait for Tor connection pop up.
3)
Make sure user.js was included:
$ grep -e app.update.auto -e javascript.enabled Browser/TorBrowser/Data/Browser/profile.default/prefs.js
user_pref("app.update.auto", false);
user_pref("javascript.enabled", false);
4)
Click "Connect" to and wait for browser to start
5)
Check prefs.js again, and javascript.enabled is gone
$ grep -e app.update.auto -e javascript.enabled Browser/TorBrowser/Data/Browser/profile.default/prefs.js
user_pref("app.update.auto", false);
Expected behaviour:
According to Firefox documentation user.js may override any preference. There's a warning that plugins that ignore this won't pass certification.
After Tor has finished playing with the configuration it must apply the user.js again.
With the current setup there doesn't seem to be a way to start the Tor browser with javascript.enabled set to false and allow the user to change it to true if that want.
Background:
We are running Tor inside docker, so constantly downloading updates until we can update the docker image seems like unnecessary waste of precious onion bandwidth.
With app.update.auto set to false, we get a pop up which says there is a new version available so we can update in our own time.
With the current setup there doesn't seem to be a way to start the Tor browser with javascript.enabled set to false and allow the user to change it to true if that want.
**Trac**:
**Username**: davidnewcombhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/34118Onion-Location banner isn't shown when using subdomains in the onion address2022-02-03T19:03:56ZAlexander Færøyahf@torproject.orgOnion-Location banner isn't shown when using subdomains in the onion addressMacLemon on Mastodon reports that we have a problem with the Onion-Location banner when a subdomain is added to the Onion hostname.
The purple ".onion available" banner is shown when the server sends: `Onion-Location: http://<pubkey>.on...MacLemon on Mastodon reports that we have a problem with the Onion-Location banner when a subdomain is added to the Onion hostname.
The purple ".onion available" banner is shown when the server sends: `Onion-Location: http://<pubkey>.onion/`, but it is NOT shown when the server sends: `Onion-Location: http://subdomain.<pubkey>.onion/`.
For more information, see the discussion here: https://chaos.social/@MacLemon/104112776746450550https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/33882Launch torbrowsers on the same host from different users2022-02-03T19:03:56ZTracLaunch torbrowsers on the same host from different usersFrom Debian bug: https://bugs.debian.org/860297
Post from Bernd Schumacher <bernd@bschu.de>
====
The problem is not, to run multiple Tor Browsers as the same user,
but to run multiple Tor Browsers, each from a different user at the
same...From Debian bug: https://bugs.debian.org/860297
Post from Bernd Schumacher <bernd@bschu.de>
====
The problem is not, to run multiple Tor Browsers as the same user,
but to run multiple Tor Browsers, each from a different user at the
same time on the same machine.
After investigation I found, that this is because of a fixed SOCKSPORT and and fixed CONTROLPORT.
But each user needs his own SOCKSPORT and CONTROLPORT.
====
**Trac**:
**Username**: roshhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/33881Unable to change default directory location in Parrot OS2021-07-09T14:50:06ZTracUnable to change default directory location in Parrot OSHi There,
Since I'm trying to change the default directory in Parrot OS, I'm getting the following error "Error opening directory '/directory_name/': Permission denied.
How can I change the directory location.
I'm running a Parrot OS i...Hi There,
Since I'm trying to change the default directory in Parrot OS, I'm getting the following error "Error opening directory '/directory_name/': Permission denied.
How can I change the directory location.
I'm running a Parrot OS in VM.
**Trac**:
**Username**: nagarajtg5https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/33820Update from 9.0.7 to 9.0.8 segfaults2021-07-09T14:50:15ZcypherpunksUpdate from 9.0.7 to 9.0.8 segfaultsUpdate by auto-updater. *firefox* segfaults, see attached backtrace.Update by auto-updater. *firefox* segfaults, see attached backtrace.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/33774Waiting for tor to start....2021-07-09T14:40:20ZTracWaiting for tor to start....I used to be able to connect with no problem. Now it stops with the "waiting for tor to start" message. When it finally fails, and I click the copy to clipboard option, it says 0 logs ready to be copied. I don't know what happened. This ...I used to be able to connect with no problem. Now it stops with the "waiting for tor to start" message. When it finally fails, and I click the copy to clipboard option, it says 0 logs ready to be copied. I don't know what happened. This is the tor browser installer for windows listed on the web site.
**Trac**:
**Username**: rscottf1960https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/33748crash on startup2021-07-09T14:40:26ZTraccrash on startup./start-tor-browser: line 271: [: 64: unary operator expected
Fontconfig warning: "/home/tom/Downloads/tor-browser_en-US/Browser/TorBrowser/Data/fontconfig/fonts.conf", line 37: Use of ambiguous <dir> element. please add prefix="cwd" if ..../start-tor-browser: line 271: [: 64: unary operator expected
Fontconfig warning: "/home/tom/Downloads/tor-browser_en-US/Browser/TorBrowser/Data/fontconfig/fonts.conf", line 37: Use of ambiguous <dir> element. please add prefix="cwd" if current behavior is desired.
Fontconfig warning: "/home/tom/Downloads/tor-browser_en-US/Browser/TorBrowser/Data/fontconfig/fonts.conf", line 85: unknown element "blank"
./start-tor-browser: line 368: 3179 Segmentation fault (core dumped) TOR_CONTROL_PASSWD=${TOR_CONTROL_PASSWD} ./firefox --class "Tor Browser" -profile TorBrowser/Data/Browser/profile.default "${@}" < /dev/null
**Trac**:
**Username**: thisguythatguyhttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/33735Impossible to register on a site https://dynasty-scans.com/2022-02-03T19:03:56ZcypherpunksImpossible to register on a site https://dynasty-scans.com/Problem with a Tor Browser 9.0.7 on a https site https://dynasty-scans.com/ at Safer mode. Site's scripts is NOT blocked by NoScript.
When I filling a password (however it short) it's disappear but other slots still filled.
I tried from ...Problem with a Tor Browser 9.0.7 on a https site https://dynasty-scans.com/ at Safer mode. Site's scripts is NOT blocked by NoScript.
When I filling a password (however it short) it's disappear but other slots still filled.
I tried from more than one computer with a different OSs.https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/33724Faild Background Update2021-07-09T14:49:51ZTracFaild Background UpdateHi
i found a problem firefox based browser that fail to update browser in background for example user open tor browser and when opened, automatically update or when users browse the web in tor browser update automatically and when resta...Hi
i found a problem firefox based browser that fail to update browser in background for example user open tor browser and when opened, automatically update or when users browse the web in tor browser update automatically and when restart browser the new build boot up.
i also check for Automatically install updates (recommended) in Tor Browser Updates.
some one report the bug to Mozilla but they do not any thing(not for now), so for users anonymity and privacy and ... please add a function to tor browser update in background.
regard
**Trac**:
**Username**: Anonymous75https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/33613Javascript Execution with NoScript Bypass2020-08-19T08:34:04ZMatthew FinkelJavascript Execution with NoScript BypassThe bug is upstream in Firefox 68esr. It is tracked by [Bug 1621996](https://bugzilla.mozilla.org/1621996).The bug is upstream in Firefox 68esr. It is tracked by [Bug 1621996](https://bugzilla.mozilla.org/1621996).