We should lower how long HTTP Keep-Alive connections are kept around, to reduce linkability. Perhaps it should be a function of time-since-last-use not total age. Or perhaps not.
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Child items
0
Show closed items
No child items are currently assigned. Use child items to break down this issue into smaller parts.
Linked items
0
Link issues together to show that they're related.
Learn more.
In fact, the keep alive timeout already is a function of time since last socket read (see nsHttpConnection::OnSocketReadable and follow mLastReadTime around to other functions). I think this means we can safely set it very low and still get performance benefits while limiting linkability.
It is somewhat hard to tell for sure that the code can properly handle the case where we get no data in the keepalive timeout timeframe, but the comment in nsHttpConnection::OnInputStreamReady() makes me think it can, as does testing with a timeout of 1 second against a image-heavy site over Tor.