Bug 1216229

Summary: Epiphany leaks DNS queries when used with Tor
Product: [Fedora] Fedora Reporter: Martin Prpič <mprpic>
Component: webkitgtk4Assignee: Tomas Popela <tpopela>
Status: CLOSED UPSTREAM QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 22CC: debarshir, fedora, gecko-bugs-nobody, kalevlember, mcatanzaro+wrong-account-do-not-cc, mprpic, rob.townley, tpopela
Target Milestone: ---Keywords: Reopened
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-09-25 20:51:02 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Martin Prpič 2015-04-28 20:05:01 UTC 
According to the following report, Epiphany leaks DNS queries when used with Tor:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783579
Comment 1 Michael Catanzaro 2015-04-28 21:07:10 UTC 
How was Epiphany "configured to use Tor as proxy"? Was this done using the Network panel in gnome-control-center? I will file a bug upstream (probably on WebKit Bugzilla), but want to be sure I understand the problem first.

My guess is webkit_web_context_prefetch_dns() does not know to use whatever proxy that libsoup uses. Epiphany 3.16 doesn't use this function due to a temporary implementation issue in Epiphany, but Epiphany 3.14 does and it will again in the future.

(Note that Tor is not intended to be used with browsers other than the Tor browser bundle, nor is it a particularly good idea for Epiphany to be used with Tor, but I do smell a bug here.)
Comment 2 Martin Prpič 2015-05-18 13:08:51 UTC 
(In reply to Michael Catanzaro from comment #1)
> How was Epiphany "configured to use Tor as proxy"? Was this done using the
> Network panel in gnome-control-center?

Hi Michael, I only have the information provided in the Debian bug. But yes, I would assume that network manager was used to configure Tor as a proxy and then Ephiphany was used to browse through that proxy.
Comment 3 Fedora Admin XMLRPC Client 2015-05-21 12:09:32 UTC 
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.
Comment 4 Fedora Admin XMLRPC Client 2015-05-21 13:23:01 UTC 
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.
Comment 5 Michael Catanzaro 2015-06-02 03:30:26 UTC 
I guess I should keep this downstream bug open, since it's a security issue.
Comment 6 Michael Catanzaro 2015-06-02 03:32:45 UTC 
Er, note that although the WebKit bug is present in Fedora 22, Epiphany in Fedora 22 is no longer affected by the bug (but Epiphany in Fedora 21 is affected).