[tor-bugs] #5477 [EFF-HTTPS Everywhere]: Surprising DOM origins before HTTPS-E/NoScript redirects have completed
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Tue May 8 07:18:53 UTC 2012
#5477: Surprising DOM origins before HTTPS-E/NoScript redirects have completed
-------------------------------------+--------------------------------------
Reporter: Drugoy | Owner: ma1
Type: defect | Status: reopened
Priority: blocker | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Resolution: | Keywords: MikePerry201204
Parent: | Points: 7
Actualpoints: 7 |
-------------------------------------+--------------------------------------
Changes (by Drugoy):
* status: closed => reopened
* priority: major => blocker
* resolution: fixed =>
Comment:
This is a critical security vulnerability. 1.5 months have passed since I
reported it. It is still not fixed (neither in 2.0.3 nor in 3.0.2.), and
there are thousands of users that may get hacked.
I think you don't give a ~~f~~care about users of your products and such
critical vulnerabilities if you don't even test whether the bug is fixed
or not.
Well, you obviously are not that good as you pretend to be.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5477#comment:31>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list