[tbb-bugs] #21004 [Applications/Tor Browser]: "JavaScript is disabled by default on all non-HTTPS sites" option shouldn't block JS on hidden services
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Dec 23 16:13:36 UTC 2016
#21004: "JavaScript is disabled by default on all non-HTTPS sites" option shouldn't
block JS on hidden services
--------------------------------------+--------------------------
Reporter: righnaw | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-security-slider | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by righnaw):
Replying to [comment:1 cypherpunks]:
> Why? There are a lot of onion sites that relay on java script and use
https, too, such as https://facebookcorewwwi.onion/
But onion services already offer end to end encryption just like https, so
they should be treated the same way, right?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21004#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list