[tor-bugs] #21004 [Applications/Tor Browser]: "JavaScript is disabled by default on all non-HTTPS sites" option shouldn't block JS on hidden services
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Nov 2 09:48:13 UTC 2017
#21004: "JavaScript is disabled by default on all non-HTTPS sites" option shouldn't
block JS on hidden services
--------------------------------------+--------------------------
Reporter: righnaw | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-security-slider | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by gk):
Replying to [comment:7 arma]:
> Replying to [comment:6 tom]:
> > Hm. I wonder why #21321 didn't resolve this?
>
> I thought the patches for #21321 just disabled the new firefox "yell
extra loud if they're about to submit something over http" features when
you're on an onion site. And that there were more steps to be taken if you
want the browser to actually treat onion sites as being like https in all
ways.
Correct.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21004#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list