[Tor2web-talk] Serious bug in Tor2web software
Nurmi, Juha
juha.nurmi at ahmia.fi
Thu Nov 13 08:34:53 CET 2014
Hi all,
As we know, the new facebook hs didn't work with Tor2web proxies. We were
suspecting that it had something to do with HTTPS. I tried to understand
the problem and noticed that Tor2web software fails all HTTP 302 redirects
by sending the user to wrong site(!).
Moreover, I noticed that this also makes the proxy acting totally crazy
after that with every address: It is replacing URLs in the site with
another onion address domain!
Look this yourself: https://skunksworkedp2cg.tor2web.org/sites.html - at
least I see only links to some https://4lvgfhrfoecoku2w.tor2web.com/
See my bug reports in GitHub
https://github.com/globaleaks/Tor2web-3.0/issues/162
I took down tor2web.fi. Let's fix this issue. How can I help?
Greetings,
Juha
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.globaleaks.org/pipermail/tor2web-talk/attachments/20141113/ef59da21/attachment.html>
More information about the Tor2web-talk
mailing list