Midori does not use proxy settings for websockets
Bug #1210796 reported by
André Stösel
This bug affects 4 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Midori Web Browser |
Confirmed
|
Critical
|
Unassigned |
Bug Description
Dunno if it's possible to use a proxy for websockets (i couldn't find anything in the webkit-gtk api) but midori should at least ask the user if he wants to connect directly or not.
(It's a huge security risk if you use stuff like TOR.)
Changed in midori: | |
milestone: | none → 0.5.6 |
status: | New → Confirmed |
importance: | Undecided → Critical |
tags: | added: proxy |
information type: | Public → Public Security |
summary: |
- Midori does not use proxy srttings for websockets + Midori does not use proxy settings for websockets |
Changed in midori: | |
milestone: | 0.5.6 → 0.5.7 |
Changed in midori: | |
milestone: | 0.5.7 → garage |
tags: | added: security |
To post a comment you must log in.
There's no superficial reason why proxies can't work with web sockets unless WebKitGTK+ specifically uses a separate code path to connect. In general, ws(s) URLs go through HTTP(S) and thus use a proxy if there's one.
The main point of failure would be an implied proxy in your network that messes up your sockets.
This is a good article about it http:// www.infoq. com/articles/ Web-Sockets- Proxy-Servers
As far as Midori goes the real concern is that we have no easy test case that sets up a proxy, connects some socket and makes sure that it gets used. Same for prefetching, same for HTTP(s) in general.