Generic site compatibility - investigate white-listing Javascript for certain sites
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
psiphon | Confirmed | Critical | Unassigned |
2.4 | Fix Released | Undecided | Unassigned |
Bug Description
from email:
As we discussed the other day, we will schedule a task to investigate the possibility of not stripping javascript from certain white-listed sites.
With our whitepaper/design doc explicitly saying we're not an anonymity service, our primary concern with white-listed but broken javascript (e.g., URLs aren't rewritten) is functionality, not IP leakage. So a 95% success rate, for example, is probably acceptable. Whereas with anonymity, any real risk of exposure is bad.
What happens if we just don't strip Javascript from Facebook? How bad is it? What if we did rewriting of "static" URLs that we find in the code, as we do with HTML?
We discussed URL encoding. If we take that out, we might have better luck with static rewriting since relative links may work. With URL encoding, relative links will certainly not work.
We discussed injecting "some code" at the top of the Javascript that hooks into calls that request URLs so we could rewrite dynamic links. What sorts of tools might help us here? Consider some Javascript "sandbox" tools. For example, Google Caja runs Javascript in a sandbox and proxies URL requests, or so it claims: http://
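The hook the email sketches, as an added example that is not Psiphon's code: a shim a rewriting proxy would inject ahead of page scripts so that URLs requested dynamically (via XMLHttpRequest and fetch) are resolved against the page's real origin (the relative-link problem noted above with URL encoding) and then routed back through the proxy rather than straight to the site. The proxy prefix, page URL and the window-like object passed in are assumptions.

```javascript
'use strict';

// Hypothetical proxy endpoint: proxied URLs are PROXY_PREFIX + encodeURIComponent(absoluteUrl).
const PROXY_PREFIX = 'https://proxy.example.invalid/fetch?u=';

// Resolve a possibly-relative URL against the page's real URL and wrap it for the proxy.
// URLs already pointing at the proxy are passed through so we never double-wrap.
function rewriteUrl(url, pageUrl, proxyPrefix = PROXY_PREFIX) {
  const raw = String(url);
  if (raw.startsWith(proxyPrefix)) return raw;
  // Non-network schemes carry no request to the origin site; leave them alone.
  if (/^(data|blob|javascript|about):/i.test(raw)) return raw;
  let absolute;
  try {
    absolute = new URL(raw, pageUrl).href; // handles relative, ../ and protocol-relative forms
  } catch (e) {
    return raw; // unparseable: hand it on unchanged for the proxy itself to reject
  }
  return proxyPrefix + encodeURIComponent(absolute);
}

// Wrap the request entry points on a window-like object. The object is a parameter
// (rather than the global window) so the same code can be exercised outside a browser.
function installUrlHooks(win, pageUrl, proxyPrefix = PROXY_PREFIX) {
  const rewrite = (u) => rewriteUrl(u, pageUrl, proxyPrefix);
  if (win.XMLHttpRequest && win.XMLHttpRequest.prototype) {
    const origOpen = win.XMLHttpRequest.prototype.open;
    win.XMLHttpRequest.prototype.open = function (method, url, ...rest) {
      return origOpen.call(this, method, rewrite(url), ...rest);
    };
  }
  if (typeof win.fetch === 'function') {
    const origFetch = win.fetch;
    win.fetch = function (input, init) {
      // fetch accepts a string or a Request-like object carrying .url
      const target = (input && typeof input === 'object' && 'url' in input) ? input.url : input;
      return origFetch.call(win, rewrite(target), init);
    };
  }
  return rewrite;
}

if (typeof module !== 'undefined') module.exports = { rewriteUrl, installUrlHooks, PROXY_PREFIX };
```

This covers only XHR and fetch; requests made by dynamically inserted script, img or iframe elements, WebSocket, form submissions and navigation each need their own hook, which is why an unhooked path shows up as exactly the "functionality, not IP leakage" failure the email describes.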
Changed in psiphon:
status: New → Confirmed
tags: removed: poser
visibility: private → public
Changed in psiphon:
status: Fix Released → Confirmed
Changed in psiphon:
importance: Unknown → Critical
milestone: none → release2.4
tags: added: category3
summary:
- Site compatibility - investigate white-listing Javascript for certain sites
+ Generic site compatibility - investigate white-listing Javascript for certain sites
There are generalized security concerns around losing Javascript context, right? Allowing a malicious site to have persistent access to any subsequent site visited (during a given browser session?) because Java thinks they're the same site?