That is certainly interesting.
To locally test a website running on my local VM using a local browser, I modified /etc/hosts
file, installed a local TLS certificate and then could locally access the domain name whonix.org
even no remote server has been contacted. That was hard. That works with Firefox and Chromium. But this won’t (easily) work with Tor Browser as it ignores /etc/hosts
file for good reasons. (Also DNS over HTTPS (DOH) would circumvent that.) So I am not sure that’s an inspirational pointer.
These are Firefox, Tor Browser issues. The root issue is with Firefox. Tor Browser inherits these. By extension, Whonix inherits these.
Did you consider to place the filters file directly inside the Firefox profile? Dunno if that is possible.
Good point. Did you verify there is no such issue on .2?
I gave the wrong link. What I meant, now fixed links:
These recommendations are a sub chapter of the local connections chapter. But yeah. A bit confusing chapter names.
(two chapters called “Recommendations” and not the best name for the chapter)
This chapter is linked from Local Connections, quote:
The configured exception means a small trade-off in privacy, but it is much safer than using another browser (see Local Connections Exception Threat Analysis).
In context of local connections, quote:
Disabled JavaScript mitigates these browser fingerprinting issues completely.
So if you can disable JS + allow local connections in Tor Browser according to latest understanding there is no issue.