Author: email@example.com Date: To: tails-dev Subject: [Tails-dev] Resend: Locking down stream-events in onion-grater
Re-sending this in a human readable form:
Hi, posting this mail for input.
A couple of months ago I was looking at locking down the amount of info
leaked to Tor Browser in case it is compromised - if/when stream events
access is enabled. my thought was to have the cake and eat it too.
stream-events are needed to supported auth onions IIRC. I ran into
issues with escaping characters from Tor's output namely $ and + which
were included in an example output:
* Can onion-grater currently deal with such characters without having to
* Is it even possible to sanitize responses as large and varied as
stream-events output without having something leak thru or is it best to
keep it blocked for peace of mind?