[tbb-bugs] #21361 [Applications/Tor Browser]: Enable browser APIs only allowed in secure contexts for NG HS
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Feb 1 20:29:26 UTC 2017
#21361: Enable browser APIs only allowed in secure contexts for NG HS
--------------------------------------+--------------------------
Reporter: legind | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by gk):
Replying to [comment:2 legind]:
> I think the Push API might be a powerful feature once we migrate to
Firefox 52 ESR in March. From my testing, it isn't yet fully implemented
in 45 ESR. We'd have to consider the security and privacy considerations
https://www.w3.org/TR/push-api/#security-and-privacy-considerations and
whether this aligns with the Tor Browser design principle of Disk
Avoidance. https://www.torproject.org/projects/torbrowser/design/#disk-
avoidance
I think Push (as Service Workers) won't be available in ESR52: See:
https://groups.google.com/forum/?_escaped_fragment_=topic/mozilla.dev.platform/TWE4VEbJOmM#!topic/mozilla.dev.platform/TWE4VEbJOmM
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21361#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list