Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
T
Tor Browser
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 1,533
    • Issues 1,533
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 1
    • Merge Requests 1
  • Operations
    • Operations
    • Incidents
  • Analytics
    • Analytics
    • Repository
    • Value Stream
  • Wiki
    • Wiki
  • Members
    • Members
  • Activity
  • Graph
  • Create a new issue
  • Commits
  • Issue Boards
Collapse sidebar

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

  • The Tor Project
  • Applications
  • Tor Browser
  • Issues
  • #3455

Closed
Open
Opened Jun 24, 2011 by Mike Perry@mikeperryDeveloper

Tor Browser should set SOCKS username for a request based on first party domain

Once Proposal 171 is implemented (legacy/trac#1865 (moved)), Tor Browser should set the Proposal 171 SOCKS username to a function of the hostname in the referer header (possibly caching the first referer for subsequent link navigation).

If the referer is blank, we should use a function of the request URL hostname. This policy should effectively give us the same top-level origin isolation for circuit use that we want for other identifiers.

Lunar also points out that if this function introduces a hashed nonce that is changed on "New Identity" invocations, we can then do without the control port and control auth/password inside torbutton but still provide New Identity. This would simplify a lot of setups, and potentially allow us to remove more code from Torbutton.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
TorBrowserBundle 2.3.x-stable
Milestone
TorBrowserBundle 2.3.x-stable
Assign milestone
Time tracking
None
Due date
None
Reference: tpo/applications/tor-browser#3455