[tbb-commits] [tor-browser-build/master] Bug 22501: Requests via javascript: violate FPI
gk at torproject.org
gk at torproject.org
Fri Sep 29 06:29:57 UTC 2017
commit ee2f06091d76272c7b629265d8c0a67c3d3b07e1
Author: Richard Pospesel <richard at torproject.org>
Date: Thu Sep 28 12:32:58 2017 -0700
Bug 22501: Requests via javascript: violate FPI
By default NoScript attempts to find URLs in "javascript:.*" strings
found in <a> element href atributes and in <option> element value
attributes. When such links (or options) are clicked/selected,
NoScript attempts to navigate the page to said URL. These navigations
are treated as intternal requests, and get pacced onto the catch-all
circuit.
This behaviour can be turned off by disabling the 'noscript.fixLinks'
flag, so we do so for each Tor Browser build target's
extension-overrides.js.
---
.../Data/Browser/profile.default/preferences/extension-overrides.js | 1 +
.../Data/Browser/profile.default/preferences/extension-overrides.js | 1 +
.../Data/Browser/profile.default/preferences/extension-overrides.js | 1 +
3 files changed, 3 insertions(+)
diff --git a/projects/tor-browser/Bundle-Data/linux/Data/Browser/profile.default/preferences/extension-overrides.js b/projects/tor-browser/Bundle-Data/linux/Data/Browser/profile.default/preferences/extension-overrides.js
index ded3d5b..c610aff 100644
--- a/projects/tor-browser/Bundle-Data/linux/Data/Browser/profile.default/preferences/extension-overrides.js
+++ b/projects/tor-browser/Bundle-Data/linux/Data/Browser/profile.default/preferences/extension-overrides.js
@@ -38,6 +38,7 @@ pref("noscript.temp", "");
pref("noscript.untrusted", "");
pref("noscript.forbidMedia", false);
pref("noscript.allowWhitelistUpdates", false);
+pref("noscript.fixLinks", false);
// Now handled by plugins.click_to_play
pref("noscript.forbidFlash", false);
pref("noscript.forbidSilverlight", false);
diff --git a/projects/tor-browser/Bundle-Data/mac/TorBrowser/Data/Browser/profile.default/preferences/extension-overrides.js b/projects/tor-browser/Bundle-Data/mac/TorBrowser/Data/Browser/profile.default/preferences/extension-overrides.js
index ded3d5b..c610aff 100644
--- a/projects/tor-browser/Bundle-Data/mac/TorBrowser/Data/Browser/profile.default/preferences/extension-overrides.js
+++ b/projects/tor-browser/Bundle-Data/mac/TorBrowser/Data/Browser/profile.default/preferences/extension-overrides.js
@@ -38,6 +38,7 @@ pref("noscript.temp", "");
pref("noscript.untrusted", "");
pref("noscript.forbidMedia", false);
pref("noscript.allowWhitelistUpdates", false);
+pref("noscript.fixLinks", false);
// Now handled by plugins.click_to_play
pref("noscript.forbidFlash", false);
pref("noscript.forbidSilverlight", false);
diff --git a/projects/tor-browser/Bundle-Data/windows/Data/Browser/profile.default/preferences/extension-overrides.js b/projects/tor-browser/Bundle-Data/windows/Data/Browser/profile.default/preferences/extension-overrides.js
index ded3d5b..c610aff 100644
--- a/projects/tor-browser/Bundle-Data/windows/Data/Browser/profile.default/preferences/extension-overrides.js
+++ b/projects/tor-browser/Bundle-Data/windows/Data/Browser/profile.default/preferences/extension-overrides.js
@@ -38,6 +38,7 @@ pref("noscript.temp", "");
pref("noscript.untrusted", "");
pref("noscript.forbidMedia", false);
pref("noscript.allowWhitelistUpdates", false);
+pref("noscript.fixLinks", false);
// Now handled by plugins.click_to_play
pref("noscript.forbidFlash", false);
pref("noscript.forbidSilverlight", false);
More information about the tbb-commits
mailing list