The following is a list of tests that can be used to detect Torbutton, if it is enabled and what platform it is running on.
Last tested with:
detect-torbutton-chrome: a simple chrome check against
an image to see if Torbutton has been installed.
NOTE: Fixed as of Torbutton 1.1.14-alpha.
detect-torbutton-script: another chrome check but
against a script file; also detects if Torbutton is
enabled by examining state of
window.__tb_hooks_ran.
NOTE: Fixed as of Torbutton 1.1.14-alpha.
detect-torbutton-linux: same checks as above, but
additionally looks for Linux specific
"resource:///icons/".
NOTE: Fixed as of Torbutton 1.1.14-alpha.
detect-torbutton-platform: same checks as above, but
looks at Windows, Mac OS X and Linux specific files to
determine platform.
NOTE: Fixed as of Torbutton 1.1.14-alpha.
detect-torbutton-path: same checks as above, but
determines browser installation path using stylesheet to
"resource:///res/viewsource.css".
NOTE: Fixed as of Firefox 2.0.0.12 (Bug 397427 - [FIX]Stylesheet href property shows redirected URL unlike other browsers).
show-buildid: the 'navigator.buildID' property leaks
information. (Note: IceCat displays "0000000000").
NOTE: Fixed as of Torbutton 1.1.14-alpha.
show-oscpu-productsub: the 'navigator.oscpu' and
'navigator.productSub' leak information (and are not reset
after toggle).
NOTE: can be unmasked in Torbutton.
show-oscpu: the 'navigator.oscpu' property leaks
information.
NOTE: can be unmasked in Torbutton.
detect-historyhook-timeout: detect the Torbutton history hook preference setting using a timeout.
detect-historyhook-alert: detect the Torbutton
history hook preference setting using an alert.
NOTE: Fixed as of Torbutton 1.1.15-alpha.
unmask-oscpu-productsub: reveal actual
'navigator.oscpu' and 'navigator.productSub' values.
NOTE: Fixed as of Torbutton 1.1.15-alpha.
unmask-date: reveal actual Date values.
unmask-history-navigation: reveal actual
'window.history' functions.
NOTE: Fixed as of Torbutton 1.1.15-alpha.
unmask-buildid: reveal actual
'navigator.buildID' value.
NOTE: Fixed as of Torbutton 1.1.15-alpha.
read-resource-prefs: attempt to read original
user-agent values from resource prefs.
NOTE: Fixed as of Torbutton 1.1.14-alpha.
detect-torbutton-viewsource-chrome: use 'view-source:'
to perform chrome check against
an image to see if Torbutton has been installed.
NOTE: Fixed as of Torbutton 1.1.15-alpha.
detect-torbutton-viewsource-script: use
'view-source:' against a chrome script file.
NOTE: Fixed as of Torbutton 1.1.15-alpha.
detect-torbutton-viewsource-linux: use 'view-source:'
to perform examination of Linux specific
"resource:///icons/".
NOTE: Fixed as of Torbutton 1.1.15-alpha.
detect-torbutton-viewsource-platform: use
'view-source:' to load Windows, Mac OS X and Linux
specific files to determine platform.
NOTE: Fixed as of Torbutton 1.1.15-alpha.
read-viewsource-resource-prefs: attempt to read original
user-agent values by using 'view-source:' of resource prefs.
NOTE: Fixed as of Torbutton 1.1.15-alpha.
unmask-screen: reveal actual
screen values.
NOTE: Fixed as of Torbutton 1.1.15-alpha.
unmask-proto-oscpu-productsub: reveal actual 'navigator.oscpu' and 'navigator.productSub' values by deleting through '__proto__'.
unmask-proto-date: reveal actual Date values by deleting through '__proto__'.
unmask-proto-history-navigation: reveal actual 'window.history' functions by deleting through '__proto__'.
unmask-proto-screen: reveal actual screen values by deleting through '__proto__'.
unmask-proto-buildid: reveal actual 'navigator.buildID' value by deleting through '__proto__'.
unmask-navigator-xpcnativewrapper: reveal actual 'window.navigator' values by using XPCNativeWrapper.
unmask-screen-xpcnativewrapper: reveal actual 'window.screen' values by using XPCNativeWrapper.
unmask-history-xpcnativewrapper: reveal actual 'window.history' values by using XPCNativeWrapper.
unmask-proto-history-multiple: reveal actual 'window.history' functions by using multiple methods of fixing 'window.__proto__' and then deleting through '__proto__'.
unmask-history-proto-xpcnativewrapper: reveal actual 'window.history' functions by accessing origin XPCNativeWrapper function from global object '__proto__'.
unmask-history-delete-xpcnativewrapper: reveal actual 'window.history' functions by deleting XPCNativeWrapper from the 'window' scope to access original XPCNativeWrapper function.
unmask-oscpu-buildid-delete-xpcnativewrapper: reveal actual 'navigator.oscpu' and 'navigator.buildID' values by deleting XPCNativeWrapper from the 'window' scope to access original XPCNativeWrapper function.
detect-torbutton-block: use overly broad Torbutton blocking to detect Torbutton.
unmask-date-javascript-link: reveal actual Date value timezone offset by using 'javascript:' URL to construct CSS stylesheet link.
unmask-navigator-iframe-javascript: reveal actual 'window.navigator' functions by accessing original XPCNativeWrapper function retrieved from 'javascript:' URL.
unmask-history-iframe-javascript: reveal actual 'window.history' functions by accessing original XPCNativeWrapper function retrieved from 'javascript:' URL.
unmask-screen-iframe-javascript: reveal actual 'window.screen' functions by accessing original XPCNativeWrapper function retrieved from 'javascript:' URL.
Tests based on following publicly disclosed information: