[tor-bugs] #16871 [Tor Browser]: Tor fails at Content Security Policy (CSP)
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Aug 25 02:17:28 UTC 2015
#16871: Tor fails at Content Security Policy (CSP)
-----------------------------+----------------------
Reporter: HaronP | Owner: tbb-team
Type: defect | Status: closed
Priority: normal | Milestone:
Component: Tor Browser | Version:
Resolution: invalid | Keywords:
Actual Points: | Parent ID:
Points: |
-----------------------------+----------------------
Comment (by Godar):
I think you missed that the post was not about CSP in general, but the
shortcomings of Firefox and Tor browser.
Firefox and the Tor browser supporting CSP as Google Chrome does. Firefox
does not support javascript blocking feature "script-src" as clearly
stated in their own compatibility list ( https://developer.mozilla.org/en-
US/docs/Web/Security/CSP/CSP_policy_directives#Browser_compatibility ) and
Tor does not support it either, because the CSP support is based on
Firefox instead of Chromium.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16871#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list