New version of TBB no longer accepts FoxyProxy plugin.

Patrick · February 19, 2017, 5:22pm

What about Tor Browser 7.0a1, normal, non-hardened version? Could you test that please?

anon36816226 · February 19, 2017, 5:37pm

It works on 7.0a1 when you disable xpinstall.signatures.required ,i haven’t testet the addon-manager version though

Patrick · February 19, 2017, 6:07pm

Can you try please? Because perhaps that would be the safer advice than
disabling add-on signature check.

anon36816226 · February 19, 2017, 6:29pm

It doesn’t work with the addon-manager version, it wants you to reboot TBB but after a reboot it’s still not enabled and “needs a reboot to enable”

Patrick · February 19, 2017, 7:54pm

Could you explain our use case and ask on how to enable add-ons from
addons.mozilla.org on the tbb-dev list please? @HulaHoop

HulaHoop · February 20, 2017, 1:45am

I never got a reply for my first post but sent an update with testing results.

Meanwhile I think the best solution is to recommend @goldstein’s work around of disabling sig verification to get the old unsigned version on Jessie to work until Stretch is released. I think by Stretch foxyproxy should include the Mozilla sig and this would no longer be needed.

Patrick · February 20, 2017, 1:50pm

A reply has been sent by me just now.

Patrick · February 20, 2017, 1:55pm

Since we had the issue the foxyproxy installed from packages.debian.org did not work, we can be pretty sure that Tor Browser does add-on signature checking just like Firefox. (xpinstall.signatures.required)

Our trouble of installing add-ons from addons.mozilla.org is most likely not related to xpinstall.signatures.required. An add-on would either never be listed in Firefox’s add-on manager or labeled as deactivated due to failed signature check.

I speculate, that Tor Browser is doing something to prevent users from the installation of add-ons which we can hopefully disable.

anon36816226 · February 20, 2017, 2:12pm

Good let’s see what the TBB devs say, btw has anyone confirmed the Problem on Virtualbox , KVM or TBB without virt. ?
I’ve only tested it on Qubes …

HulaHoop · February 23, 2017, 2:57pm

I simplified the instructions considerably. We should keep an eye on 7.0 when it become stable and file a bug report then if it doesn’t work.

Shouldn’t matter as the hypervisor is very low level.

Patrick · February 23, 2017, 3:12pm

To reverse this and restore the default Tor Browser fingerprint its best to use a VM snapshot taken before installing the add-on.

Reinstallation of Tor Browser would also do (in case there is no snapshot)?

anon36816226 · February 23, 2017, 5:02pm

I was wondering why the TBB dev got it working ([tbb-dev] Tor Browser and Mozilla addon verification) thats why i asked the Question.

Did anyone test this ?

Edit: Just found GitHub - hrimfaxi/autoproxy-ng: the smart Firefox proxy management add-on which does work on 7.0a1 and could/should replace Foxyproxy as it’s open source

Here is the Site where i found it + instructions how to use it with I2P https://shebang.ws/autoproxy-i2p-eepsites-tor-onions-firefox.html
@HulaHoop what do you think about it ?

HulaHoop · February 23, 2017, 5:59pm

FoxyProxy is GPL’d otherwise I would never recommend it. I don’t immediately see anything special autoproxy does that foxyproxy doesn’t.

Also autoproxy:

has not been updated since 2013
has an auto subscribe feature for rule lists which I don’t like because I don’t know how securely this is implemented and we don’t need it anyhow.
is related to adblock which I distrust for running a racketeering service to force ad companies to pay up in return for whitelisting their stuff.

anon36816226 · February 23, 2017, 6:19pm

Latest commit 7df947d on May 24, 2016

this is Optional though

I know that ABP sucks , i dont think that it shares the same policy as ABP (going to check that)

On the good side it works with 7.0a1, i wouldn’t write it off the list, but as long as Foxyproxy works we can stick with it.

HulaHoop · February 24, 2017, 5:35pm

I looked at the addon version available from Mozilla. Realistically we can’t expect users to compile a plugin just to get started.

anon36816226 · February 24, 2017, 6:40pm

https://addons.mozilla.org/de/firefox/addon/autoproxy-ng/
There’s no need to compile it, this is the version from the Github.
If you search for Autoproxy the -ng version should come up at the second place after the old version.

Patrick · June 13, 2023, 8:56am

Is this file still useful or can it be nuked? @HulaHoop

From 2016. Not documented in the wiki.

github.com

Kicksecure/usability-misc/blob/master/usr/share/usability-misc/tbb-foxyproxy/foxyproxy.xml

<?xml version="1.0" encoding="UTF-8"?>
<foxyproxy mode="patterns" selectedTabIndex="0" toolbaricon="true" toolsMenu="true" contextMenu="true" advancedMenus="false" previousMode="disabled" resetIconColors="true" useStatusBarPrefix="true" excludePatternsFromCycling="false" excludeDisabledFromCycling="false" ignoreProxyScheme="false" apiDisabled="false" proxyForVersionCheck="1360194024">
  <random includeDirect="false" includeDisabled="false"/>
  <statusbar icon="true" text="false" left="options" middle="cycle" right="contextmenu" width="0"/>
  <toolbar left="options" middle="cycle" right="contextmenu"/>
  <logg enabled="false" maxSize="500" noURLs="false" header="&lt;?xml version=&quot;1.0&quot; encoding=&quot;UTF-8&quot;?&gt; &lt;!DOCTYPE html PUBLIC &quot;-//W3C//DTD XHTML 1.0 Strict//EN&quot; &quot;http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd&quot;&gt; &lt;html xmlns=&quot;http://www.w3.org/1999/xhtml&quot;&gt;&lt;head&gt;&lt;title&gt;&lt;/title&gt;&lt;link rel=&quot;icon&quot; href=&quot;http://getfoxyproxy.org/favicon.ico&quot;/&gt;&lt;link rel=&quot;shortcut icon&quot; href=&quot;http://getfoxyproxy.org/favicon.ico&quot;/&gt;&lt;link rel=&quot;stylesheet&quot; href=&quot;http://getfoxyproxy.org/styles/log.css&quot; type=&quot;text/css&quot;/&gt;&lt;/head&gt;&lt;body&gt;&lt;table class=&quot;log-table&quot;&gt;&lt;thead&gt;&lt;tr&gt;&lt;td class=&quot;heading&quot;&gt;${timestamp-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${url-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${proxy-name-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${proxy-notes-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${pattern-name-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${pattern-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${pattern-case-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${pattern-type-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${pattern-color-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${pac-result-heading}&lt;/td&gt;&lt;td class=&quot;heading&quot;&gt;${error-msg-heading}&lt;/td&gt;&lt;/tr&gt;&lt;/thead&gt;&lt;tfoot&gt;&lt;tr&gt;&lt;td/&gt;&lt;/tr&gt;&lt;/tfoot&gt;&lt;tbody&gt;" row="&lt;tr&gt;&lt;td class=&quot;timestamp&quot;&gt;${timestamp}&lt;/td&gt;&lt;td class=&quot;url&quot;&gt;&lt;a href=&quot;${url}&quot;&gt;${url}&lt;/a&gt;&lt;/td&gt;&lt;td class=&quot;proxy-name&quot;&gt;${proxy-name}&lt;/td&gt;&lt;td class=&quot;proxy-notes&quot;&gt;${proxy-notes}&lt;/td&gt;&lt;td class=&quot;pattern-name&quot;&gt;${pattern-name}&lt;/td&gt;&lt;td class=&quot;pattern&quot;&gt;${pattern}&lt;/td&gt;&lt;td class=&quot;pattern-case&quot;&gt;${pattern-case}&lt;/td&gt;&lt;td class=&quot;pattern-type&quot;&gt;${pattern-type}&lt;/td&gt;&lt;td class=&quot;pattern-color&quot;&gt;${pattern-color}&lt;/td&gt;&lt;td class=&quot;pac-result&quot;&gt;${pac-result}&lt;/td&gt;&lt;td class=&quot;error-msg&quot;&gt;${error-msg}&lt;/td&gt;&lt;/tr&gt;" footer="&lt;/tbody&gt;&lt;/table&gt;&lt;/body&gt;&lt;/html&gt;"/>
  <warnings parentheses="true"/>
  <defaultPrefs origPrefetch="18"/>
  <proxies>
    <proxy name="127.0.0.1:4445" id="210910135" notes="" fromSubscription="false" enabled="true" mode="manual" selectedTabIndex="0" lastresort="false" animatedIcons="true" includeInCycle="true" color="#C7E600" proxyDNS="true" noInternalIPs="false" autoconfMode="pac" clearCacheBeforeUse="false" disableCache="false" clearCookiesBeforeUse="false" rejectCookies="false">
      <matches>
        <match enabled="true" name="Forum/Ugha" pattern="^http://(forum|ugha)\.i2p/.*$" isRegEx="true" isBlackList="false" isMultiLine="false" caseSensitive="false" fromSubscription="false"/>
      </matches>
      <manualconf host="127.0.0.1" port="4445" socksversion="5" isSocks="false" username="" password="" domain=""/>
    </proxy>
    <proxy name="127.0.0.1:4444" id="2181335104" notes="" fromSubscription="false" enabled="true" mode="manual" selectedTabIndex="2" lastresort="false" animatedIcons="true" includeInCycle="true" color="#E0BFC9" proxyDNS="true" noInternalIPs="false" autoconfMode="pac" clearCacheBeforeUse="false" disableCache="false" clearCookiesBeforeUse="false" rejectCookies="false">
      <matches>
        <match enabled="true" name="eepSites" pattern="^https?://[a-zA-Z0-9_.-]+\.i2p(?:[:0-9]+)?/.*$" isRegEx="true" isBlackList="false" isMultiLine="false" caseSensitive="false" fromSubscription="false"/>
        <match enabled="true" name="Forum/Ugha" pattern="^http://(forum|ugha)\.i2p/.*$" isRegEx="true" isBlackList="true" isMultiLine="false" caseSensitive="false" fromSubscription="false"/>
      </matches>

This file has been truncated. show original

Default: nuked for now. Trivial to restore.

Why? Lintian warning:

P: usability-misc source: very-long-line-length-in-source-file 2425 > 512 [usr/share/usability-misc/tbb-foxyproxy/foxyproxy.xml:6]

Can be overwritten but not great if the file is outdated anyhow.

HulaHoop · June 14, 2023, 11:53pm

Yeah nuking is the way to go.