Wayback machine feature should be disabled in Tor windows or use Tor #8419
Labels
feature/tor/leakproofing
Eliminating unexpected ways that someone using Tor might be unmasked.
priority/P2
A bad problem. We might uplift this to the next planned release.
privacy
QA Pass-Linux
QA Pass-macOS
QA Pass-Win64
QA/Yes
release-notes/include
sec-high
security
Problem
As reported in https://bravesoftware.slack.com/archives/C85NV6NSG/p1582256790113900 (see thread), we found that clicking the "Checked for saved version" button on a 404 page in a Tor window will send a request to https://brave-api.archive.org/... that doesn't go through Tor. As such, this is a privacy problem.
Expected behavior
What about private windows?
I think this feature is probably ok to keep in private windows because it uses a network context that doesn't store state on disk (https://cs.chromium.org/chromium/src/chrome/browser/net/system_network_context_manager.h?q=systemnetwork&sq=package:chromium&g=0&l=44-45) and we disallow cookies (https://github.com/brave/brave-core/pull/3561/files#diff-306f17e629f5adfd7444084d21b89193R38) for it.
However, if the fix is easier to do with it disabled entirely in private windows (Tor windows included), I am pro doing that.
Underlying cause
The system network context (https://github.com/brave/brave-core/pull/3561/files#diff-6d51337a3d8e25d0c3fbb40ef046dce9R58) doesn't use the Tor window proxy setting.