[tor-bugs] #21323 [Applications/Tor Browser]: Activate mixed content blocking
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat May 27 00:34:25 UTC 2017
#21323: Activate mixed content blocking
-------------------------------------------------+-------------------------
Reporter: arthuredelstein | Owner: tbb-
| team
Type: defect | Status:
| needs_information
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: TorBrowserTeam201705R, | Actual Points:
GeorgKoppen201705 |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by legind):
Replying to [comment:18 legind]:
> > In what regard? JS loaded over HTTPS can easily redirect to JS loaded
over HTTP and Firefox will happily execute it as the MCB does *not* kick
in in that case. And that's just one of the problems.
>
> This is just not the case. If active mixed content is blocked, even if
an HTTPS resource redirects to HTTP, it will ''not'' be executed.
Load https://www.inputoutput.io/non-wp/amcb-test.html and look at the web
console and network pane in the debugger to check this.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21323#comment:19>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list