Comment on Privacy Browser Source Code links

@sorenstoutner , Most apps I’ve looked at point to human/browser readable source code links, but

this page

links here (git.),

which gives my browser 403 Forbidden.

On the other hand, this page

links here (gitweb.)

which works for a browser.

Should the f-droid source code link be changed?

1 Like

Yes, it should. See https://www.stoutner.com/new-git-urls/.

I have created a merge request to fix the URL.

2 Likes

@sorenstoutner , Here’s another comment, on https://www.stoutner.com/privacy-browser/common-settings/f-droids-forum/ and user agents.

Things probably changed in Privacy Browser and Discourse since that was written, but I observe different behavior than described in that post. For me, with Privacy Browser, the only significant factor is whether javascript is enabled. If it IS, the forum displays OK, and login works OK, if first-party cookies are also enabled. With javascript NOT enabled, I see a nearly blank screen, no posts list, non-functional login link, several “page bottom” links, and a helpful reminder “best viewed with Javascript”. :stuck_out_tongue: Choice of user agent doesn’t seem to make any difference, based on semi-random selection of a few different ones from default to Safari on iOS.

What is curious about this is: with Tor Browser, supposedly NoScript is blocking javascript, but f-droid forum works OK anyway. I know it sometimes really does block javascript because other sites require enabling selected javascript sources to work OK… :confused: Default NoScript Tor Browser allows javascript, or I messed up the settings, or both. :open_mouth:

1 Like

I haven’t changed anything in Privacy Browser in this regard, but I would imagine that Discourse changes how it handles this these things from time to time.

As you can see from the screenshots on the page you linked to, JavaScript, first-party cookies, and DOM storage all need to be enabled for Discourse to function correctly. The first two are typically required for websites that have logins. The third is fairly common. The only thing that isn’t expected is that it cares about the user agent. A little bit of testing indicates that is still the case.

Also, when I looked at things a while ago, Tor Browser only disabled some JavaScript, not all of it. That is actually smart if it is handled well, as there are parts of JavaScript that don’t have privacy implications. I intend to do something similar as part of the 4.x series in the future. See https://redmine.stoutner.com/issues/270.

I’m writing this in PB with DOM storage off for a while. A few stops and starts of PB.

cares about the user agent

It matters when you change it. If I use non-PB, bring up fdroid forum, then change to PB, it works OK.

“Correctly” is subject to opinion too.

1 Like

I’m writing this in PB with DOM storage off for a while. A few stops and starts of PB.

DOM storage might or might not be currently required. Or, it might be required for features you are not using, like the display of certain images.

It matters when you change it. If I use non-PB, bring up fdroid forum, then change to PB, it works OK.

“Correctly” is subject to opinion too.

On the main page, the menu at the top does not display if using Privacy Browser’s default user agent. As that menu is crucial to logging in and navigation of the site, I would consider that being an example of the website not functioning correctly if it doesn’t like the user agent.

F-Droid’s forum is not the only example of this type of behavior. In my opinion, it is silly for a website to not present correctly to the client if it doesn’t like the user agent.

I agree. It’s worse than silly, and sadly it’s an old problem.

1 Like

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.