On Jul 12, 2015, at 7:51 AM, Arthur D. Edelstein arthuredelstein@gmail.com wrote:
Hi Sherief,
I gave it a try and to get it to work I had to do the following (Note steps 2, 3 and 4 are very bad for your privacy!):
- Add "torproject.org" as an alias to localhost in /etc/hosts
- Deactivate "HTTPS Everywhere"
- Create "test.currentTimeOffsetSeconds" integer pref and set to 11491200
- Preferences > Advanced > Network > Settings: Turn "Remote DNS" off
Then I could see my localhost page by entering http://torproject.org in the URL bar.
Arthur
Arthur,
This actually worked on OS X 10.10.4 using FF 39!
Thanks a lot!
On Sat, Jul 11, 2015 at 9:26 PM, Sherief Alaa sheriefalaa.w@gmail.com wrote:
On Thu, Jul 9, 2015 at 7:03 PM, Arthur D. Edelstein arthuredelstein@gmail.com wrote:
Hi Sherief,
> Karsten insisted that I have to run a local copy of torproject.org > http://torproject.org using a web server while the automated script > runs since we can't estimate or depend on the connection speed. The > major blocker in this is that the browser redirects to > https://torproject.org/ whenever I try to map 127.0.0.1 to > torproject.org http://torproject.org (or www.torproject.org > http://www.torproject.org) in my /etc/hosts file.
So you're trying to get http, but you get https, correct? Sounds like it might be the HSTS Preload list. See https://blog.mozilla.org/security/2012/11/01/preloading-hsts/ torproject.org is among the domains on Firefox's preload list:
https://dxr.mozilla.org/mozilla-central/source/security/manager/ssl/nsSTSPre...
I think you can turn off HSTS Preloading by creating an integer pref named "test.currentTimeOffsetSeconds", and setting it to 11491200. (Under about:config, right-click and choose "New > Integer".)
Arthur
Hi Arthur,
I've tested the pref and unfortunately it doesn't work. I still get the https version of torproject.org.
-- Sherief Alaa pgp 0x8623B882
—Sherief