[tbb-bugs] #29969 [Applications/Tor Browser]: Drag-and-drop search causes NoScript XSS warning
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Mar 31 07:02:25 UTC 2019
#29969: Drag-and-drop search causes NoScript XSS warning
-------------------------+------------------------------------------
Reporter: cypherpunks | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Component: Applications/Tor Browser
Version: | Severity: Normal
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------+------------------------------------------
Select some text and drag it onto the current tab or new tab to create a
search.
Example warning:
NoScript detected a potential Cross-Site Scripting attack
from https://trac.torproject.org to https://duckduckgo.com.
Suspicious data:
(POST)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29969>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list