GitLab

This is more of an exploratory topic than a demand.

Mike and I have been investigating the safeness of using flash on various platforms for TBB and during the tests on Windows found out that all of the Flash LSOs (i.e., supercookies) are stored in %APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ on Windows and ~/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/ on Linux.

In the testing on Linux, we discovered that it was possible to create an opt-out LSO called settings.sol which would prevent the creation of other Flash cookies (you can recreate one yourself by going to http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html). It's easy to put this on Linux since we reset $HOME in the Linux TBB, and it is probably also easy to do it for OSX since we do the same thing there.

Mike wrote a patch for the Windows TBB launcher (see here: https://gitweb.torproject.org/mikeperry/torbrowser.git/shortlog/refs/heads/appdata-haxx).

However, in my investigations, I also discovered some Qt functionality that might do what we want in a saner cross-platform way:

http://doc.trolltech.com/4.6/qsettings.html#setPath http://doc.trolltech.com/4.6/qdesktopservices.html#storageLocation

Would it be crazy to try resetting this? If it works it would prevent all sorts of data from being written to the wrong place. Is it already in use? I looked through MainWindow.cpp a bit, but not extensively, so this may be redundant.