Introduce preference for controlling speculative pre-connections (Related to Tor Browser / present in Firefox)
Introduce preference for controlling speculative pre-connections - (original source - https://bugzilla.mozilla.org/show_bug.cgi?id=814169) is also present in the Tor Browser Bundle
**Yuri Khan **2015-08-14 22:33:56 PDT
Hey, here’s a potential tracking scenario: * Mallory has a database of unverified email addresses. He wants to know which of them are read regularly. * Mallory associates with each unverified email address a unique IPv6 address within his /64 network. * Mallory sends each unverified recipient a message which consists of a hyperlink to this unique IPv6 address, wrapped around a lot of text. * Alice views this message in a web mail client in Firefox. She inadvertently leaves the mouse in the area where the message is to be displayed. * Firefox speculatively connects to the address of the link. * Mallory’s router receives all connection attempts and logs destination addresses. * Because each recipient got a unique IPv6 address, Mallory marks Alice’s email address as verified.
This scenario is also exploitable in the Tor browser because the default value of this API ('network.http.speculative-parallel-limit') is 6
A fix to mitigate this problem is to set 'network.http.speculative-parallel-limit' to 0 by default.