[tor-bugs] #8725 [Applications/Tor Browser]: resource:// URIs leak information
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Jun 4 09:59:38 UTC 2016
#8725: resource:// URIs leak information
-------------------------------------------------+-------------------------
Reporter: holizz | Owner: tbb-
Type: defect | team
Priority: Very High | Status:
Component: Applications/Tor Browser | needs_review
Severity: Major | Milestone:
Keywords: tbb-fingerprinting, tbb-rebase- | Version:
regression, tbb-testcase, tbb-firefox-patch, | Resolution:
TorBrowserTeam201606R | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Changes (by yawning):
* status: new => needs_review
* keywords:
tbb-fingerprinting, tbb-rebase-regression, tbb-testcase, tbb-firefox-
patch
=>
tbb-fingerprinting, tbb-rebase-regression, tbb-testcase, tbb-firefox-
patch, TorBrowserTeam201606R
Comment:
I pushed a change to also restrict `chrome://` URIs, regardless of
`contentaccessible`, per discussion with gk. It sort of sucks that
certain addons will break, but they aren't the standard Tor Browser set.
I leave it up to the Tor Browser people if they want to take that commit
or not.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8725#comment:25>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list