[tor-bugs] #22501 [Applications/Tor Browser]: Requests via javascript: violate FPI
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Sep 27 08:48:34 UTC 2017
#22501: Requests via javascript: violate FPI
---------------------------------------+---------------------------
Reporter: cypherpunks | Owner: pospeselr
Type: defect | Status: assigned
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Major | Resolution:
Keywords: tbb-linkability, noscript | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
---------------------------------------+---------------------------
Changes (by gk):
* status: needs_information => assigned
Comment:
Replying to [comment:9 ma1]:
> It's the "Attempt to fix Javascript links" ('''noscript.fixLinks''' in
''!about:config'') feature.
>
> Do you need me to modify the HEAD XHR preflight request in order to fit
into your navigation restrictions, or to omit it outright? Or would it be
better for you to just flip the preference?
It seems to me flipping the preference might not be that bad. Richard: can
you take a look whether that could be a viable way for solving our issue
(without introducing other unintended ones)?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22501#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list