[tbb-bugs] #29733 [Applications/Tor Browser]: Disable NoSript XSS protection for now due to bug 1532530
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Mar 16 01:11:19 UTC 2019
#29733: Disable NoSript XSS protection for now due to bug 1532530
--------------------------------------------+------------------------------
Reporter: gk | Owner: tbb-team
Type: defect | Status:
| needs_information
Priority: Very High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: noscript, TorBrowserTeam201903 | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------------+------------------------------
Comment (by eloquence):
Did a bit more 127.0.0.1 testing in this version of Tor as well (using
Micah's upload server script: https://github.com/micahflee/noscript-
upload-bug) and can further confirm that 1) As expected, I can't reproduce
the issue with the "Scan uploads for potential cross-site attacks"
checkbox unchecked; 2) As expected, I can reproduce it quickly with that
checkbox checked.
As long as the preferences are indeed set correctly in the shipped
version, I think we're good to go as far as this bug is concerned. :)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29733#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list