Please allow JS and plugins to be configured per proxy

Post enhancement requests here.

Please allow JS and plugins to be configured per proxy

Postby runderwo » Mon Aug 05, 2013 6:11 pm

It would be very useful for Javascript and plugins to be enabled/disabled per proxy for those using Tor, I2P or other darknets and do not want location or network identifying information leaked in the upstream direction through dynamic content. I did not see a way to do this at present.
runderwo
 
Posts: 4
Joined: Mon Aug 05, 2013 4:13 pm

Re: Please allow JS and plugins to be configured per proxy

Postby gkoppen » Tue Aug 20, 2013 11:22 am

Could you elaborate on your FoxyProxy setup a bit? Do you intend to use one proxy for one "darknet" and switch between them manually? Or do you want to have all these proxy settings in pattern mode? Or... And why are you not using TAILS (Tor Browser) who has this more or less preconfigured (if I recall correctly)?
gkoppen
FoxyProxy Team
FoxyProxy Team
 
Posts: 315
Joined: Tue May 24, 2011 9:42 pm

Re: Please allow JS and plugins to be configured per proxy

Postby runderwo » Tue Aug 20, 2013 1:14 pm

I have a proxy set up for each darknet which automatically uses the correct proxy based on URL (*.onion, *.i2p).

I don't want to have to manually disable JS/plugins when I load a *.onion or *.i2p page to avoid revealing my identity to a malicious server on those nets, and then have to re-enable when I load a page on the "normal" non-anonymous net. I think the proxy plugin could disable or enable these for a tab automatically if the URL matches for a particular proxy configuration.
runderwo
 
Posts: 4
Joined: Mon Aug 05, 2013 4:13 pm

Re: Please allow JS and plugins to be configured per proxy

Postby gkoppen » Thu Aug 22, 2013 8:28 am

runderwo wrote:I don't want to have to manually disable JS/plugins when I load a *.onion or *.i2p page to avoid revealing my identity to a malicious server on those nets, and then have to re-enable when I load a page on the "normal" non-anonymous net.
This does not work at least not for JavaScript enabled/disabled per proxy: https://bugzilla.mozilla.org/show_bug.cgi?id=409737 Not sure about plugins but as they can do all sorts of nasty things I'd guess they could cause similar things to happen. That was actually one reason why the Torbutton toggle model was disabled: it was not possible to made it secure. Thus, I am more than reluctant to let FoxyProxy make the same mistakes at the moment (note that we are already warning (in our FAQ) to use the pattern mode if you want to have strong anonymity.
I think the proxy plugin could disable or enable these for a tab automatically if the URL matches for a particular proxy configuration.
Per tab is not possible due to missing Mozilla API's.
gkoppen
FoxyProxy Team
FoxyProxy Team
 
Posts: 315
Joined: Tue May 24, 2011 9:42 pm


Return to Feature Requests / Enhancements

cron