Skip to content
GitLab
  • Menu
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Trac Trac
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Issues 246
    • Issues 246
    • List
    • Boards
    • Service Desk
    • Milestones
  • Monitor
    • Monitor
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value stream
  • Wiki
    • Wiki
  • Activity
  • Create a new issue
  • Issue Boards
Collapse sidebar
  • Legacy
  • TracTrac
  • Issues
  • #23545
Closed (moved) (moved)
Open
Created Sep 16, 2017 by George Kadianakis@asn

UX improvement: Tor Browser should handle bogus HSv3 addresses

HS v3 addresses are big but also contain a checksum. This means that Tor Browser could catch mistyped addresses and warn the user.

With current master and current Tor browser, if you mistype an hsv3 address you go to the Unable to connect page:

Unable to connect

Firefox can’t establish a connection to the server at 4acth47i6kxnvkewtm6q7ib2s3ufpo5sqbsnzjpbi7utijcltosqeflock.onion.

    The site could be temporarily unavailable or too busy. Try again in a few moments.
    If you are unable to load any pages, check your computer’s network connection.
    If your computer or network is protected by a firewall or proxy, make sure that Tor Browser is permitted to access the Web.

In the logs you can see a parsing error:

[warn] Invalid onion hostname [scrubbed]; rejecting

which is a bit generic.

I wonder what's the best way to offer better UX here. How should the user be warned?

Also how should we implement this? Should the Browser do the checksum check itself? Or should Tor do the checksum check and inform Tor Browser somehow?

How to do this best?

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking