undefined (#25672)

Replying to gk:

The catch-all-circuit is used as the debugger does not seem to understand the concept of first party isolation.

I wonder if this is related to legacy/trac#22538 (moved), as well.

Hmm, here's another one.

[04-11 00:10:07] Torbutton INFO: tor SOCKS: https://www.torproject.org/dist/torbrowser/7.5.3/torbrowser-install-7.5.3_en-US.exe via
                       --unknown--:71e69d27f4adff41fb754a6dc960dfeb
[04-11 00:10:07] Torbutton INFO: controlPort >> 650 STREAM 60 NEW 0 www.torproject.org:443 SOURCE_ADDR=127.0.0.1:46916 PURPOSE=USER
[04-11 00:10:07] Torbutton INFO: controlPort >> 650 STREAM 60 SENTCONNECT 36 www.torproject.org:443
[04-11 00:10:08] Torbutton INFO: controlPort >> 650 STREAM 60 REMAP 36 138.201.14.197:443 SOURCE=EXIT
[04-11 00:10:08] Torbutton INFO: controlPort >> 650 STREAM 60 SUCCEEDED 36 138.201.14.197:443
[04-11 00:10:08] Torbutton INFO: tor SOCKS: https://dist.torproject.org/torbrowser/7.5.3/torbrowser-install-7.5.3_en-US.exe via
                       --unknown--:71e69d27f4adff41fb754a6dc960dfeb
[04-11 00:10:08] Torbutton INFO: controlPort >> 650 STREAM 61 NEW 0 dist.torproject.org:443 SOURCE_ADDR=127.0.0.1:46918 PURPOSE=USER
[04-11 00:10:08] Torbutton INFO: controlPort >> 650 STREAM 61 SENTCONNECT 36 dist.torproject.org:443
[04-11 00:10:08] Torbutton INFO: controlPort >> 650 STREAM 61 REMAP 36 38.229.72.17:443 SOURCE=EXIT
[04-11 00:10:08] Torbutton INFO: controlPort >> 650 STREAM 61 SUCCEEDED 36 38.229.72.17:443

, If you go to any webpage and right-click on any link (<a href=) and select "Save Link As...", then a connection is established over the catch-all circuit. I'd expect this use the first-party-circuit.

I should also mention https://trac.torproject.org/projects/tor/ticket/15599#comment:9 is another instance of this. I noticed this in my logs, too. An OCSP fetch should happen over the domain isolated circuit.

[04-11 00:04:30] Torbutton INFO: tor SOCKS: https://twitter.com/search-advanced via
                       --unknown--:71e69d27f4adff41fb754a6dc960dfeb
[04-11 00:04:30] Torbutton INFO: controlPort >> 650 STREAM 51 NEW 0 twitter.com:443 SOURCE_ADDR=127.0.0.1:46898 PURPOSE=USER
[04-11 00:04:30] Torbutton INFO: controlPort >> 650 STREAM 51 SENTCONNECT 36 twitter.com:443
[04-11 00:04:30] Torbutton INFO: controlPort >> 650 STREAM 51 REMAP 36 104.244.42.65:443 SOURCE=EXIT
[04-11 00:04:30] Torbutton INFO: controlPort >> 650 STREAM 51 SUCCEEDED 36 104.244.42.65:443
[04-11 00:04:31] Torbutton INFO: tor SOCKS: http://ocsp.digicert.com/ via
                       --unknown--:71e69d27f4adff41fb754a6dc960dfeb
[04-11 00:04:31] Torbutton INFO: controlPort >> 650 STREAM 52 NEW 0 ocsp.digicert.com:80 SOURCE_ADDR=127.0.0.1:46900 PURPOSE=USER
[04-11 00:04:31] Torbutton INFO: controlPort >> 650 STREAM 52 SENTCONNECT 36 ocsp.digicert.com:80
[04-11 00:04:31] Torbutton INFO: controlPort >> 650 STREAM 52 REMAP 36 93.184.220.29:80 SOURCE=EXIT
[04-11 00:04:31] Torbutton INFO: controlPort >> 650 STREAM 52 SUCCEEDED 36 93.184.220.29:80
[04-11 00:06:26] Torbutton INFO: controlPort >> 650 STREAM 52 CLOSED 36 93.184.220.29:80 REASON=DONE
[04-11 00:06:27] Torbutton INFO: controlPort >> 650 STREAM 51 CLOSED 36 104.244.42.65:443 REASON=DONE

Considering how often it seems this occurs, I'm guessing plumbing the first party URI through the layers is more complicated than expected.

(I noticed the typo when I received the email.)

Trac:
Summary: Debugger in delevoper tools is fetching website over catch-all circuit to Debugger in developer tools is fetching website over catch-all circuit

Replying to sysrqb:

Hmm, here's another one.

{{{ [04-11 00:10:07] Torbutton INFO: tor SOCKS: https://www.torproject.org/dist/torbrowser/7.5.3/torbrowser-install-7.5.3_en-US.exe via --unknown--:71e69d27f4adff41fb754a6dc960dfeb [04-11 00:10:07] Torbutton INFO: controlPort >> 650 STREAM 60 NEW 0 www.torproject.org:443 SOURCE_ADDR=127.0.0.1:46916 PURPOSE=USER [04-11 00:10:07] Torbutton INFO: controlPort >> 650 STREAM 60 SENTCONNECT 36 www.torproject.org:443 [04-11 00:10:08] Torbutton INFO: controlPort >> 650 STREAM 60 REMAP 36 138.201.14.197:443 SOURCE=EXIT [04-11 00:10:08] Torbutton INFO: controlPort >> 650 STREAM 60 SUCCEEDED 36 138.201.14.197:443 [04-11 00:10:08] Torbutton INFO: tor SOCKS: https://dist.torproject.org/torbrowser/7.5.3/torbrowser-install-7.5.3_en-US.exe via --unknown--:71e69d27f4adff41fb754a6dc960dfeb [04-11 00:10:08] Torbutton INFO: controlPort >> 650 STREAM 61 NEW 0 dist.torproject.org:443 SOURCE_ADDR=127.0.0.1:46918 PURPOSE=USER [04-11 00:10:08] Torbutton INFO: controlPort >> 650 STREAM 61 SENTCONNECT 36 dist.torproject.org:443 [04-11 00:10:08] Torbutton INFO: controlPort >> 650 STREAM 61 REMAP 36 38.229.72.17:443 SOURCE=EXIT [04-11 00:10:08] Torbutton INFO: controlPort >> 650 STREAM 61 SUCCEEDED 36 38.229.72.17:443 }}} , If you go to any webpage and right-click on any link (<a href=) and select "Save Link As...", then a connection is established over the catch-all circuit. I'd expect this use the first-party-circuit.

That's not related to the developer tools, so let's keep it separate. It's legacy/trac#22649 (moved) and see legacy/trac#22343 (moved) as well.

Replying to sysrqb:

I should also mention https://trac.torproject.org/projects/tor/ticket/15599#comment:9 is another instance of this. I noticed this in my logs, too. An OCSP fetch should happen over the domain isolated circuit.

{{{ [04-11 00:04:30] Torbutton INFO: tor SOCKS: https://twitter.com/search-advanced via --unknown--:71e69d27f4adff41fb754a6dc960dfeb [04-11 00:04:30] Torbutton INFO: controlPort >> 650 STREAM 51 NEW 0 twitter.com:443 SOURCE_ADDR=127.0.0.1:46898 PURPOSE=USER [04-11 00:04:30] Torbutton INFO: controlPort >> 650 STREAM 51 SENTCONNECT 36 twitter.com:443 [04-11 00:04:30] Torbutton INFO: controlPort >> 650 STREAM 51 REMAP 36 104.244.42.65:443 SOURCE=EXIT [04-11 00:04:30] Torbutton INFO: controlPort >> 650 STREAM 51 SUCCEEDED 36 104.244.42.65:443 [04-11 00:04:31] Torbutton INFO: tor SOCKS: http://ocsp.digicert.com/ via --unknown--:71e69d27f4adff41fb754a6dc960dfeb [04-11 00:04:31] Torbutton INFO: controlPort >> 650 STREAM 52 NEW 0 ocsp.digicert.com:80 SOURCE_ADDR=127.0.0.1:46900 PURPOSE=USER [04-11 00:04:31] Torbutton INFO: controlPort >> 650 STREAM 52 SENTCONNECT 36 ocsp.digicert.com:80 [04-11 00:04:31] Torbutton INFO: controlPort >> 650 STREAM 52 REMAP 36 93.184.220.29:80 SOURCE=EXIT [04-11 00:04:31] Torbutton INFO: controlPort >> 650 STREAM 52 SUCCEEDED 36 93.184.220.29:80 [04-11 00:06:26] Torbutton INFO: controlPort >> 650 STREAM 52 CLOSED 36 93.184.220.29:80 REASON=DONE [04-11 00:06:27] Torbutton INFO: controlPort >> 650 STREAM 51 CLOSED 36 104.244.42.65:443 REASON=DONE }}}

Considering how often it seems this occurs, I'm guessing plumbing the first party URI through the layers is more complicated than expected.

How is that related to the developer tools? And legacy/trac#15599 (moved)? That comment there said that the pdf download related OCSP requests go over the catch-all circuit as well which is not surprising given that the download itself started over the download button went over the catch-all circuit. BUT: how does that related to your your Twitter related log snippet?

Activity