[tor-bugs] #27589 [Applications/Tor Browser]: "Javascript is disabled on non-HTTPS sites" from security slider has regressed in TBB 8 / NoScript 10
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Oct 3 13:26:32 UTC 2018
#27589: "Javascript is disabled on non-HTTPS sites" from security slider has
regressed in TBB 8 / NoScript 10
-------------------------------------------------+-------------------------
Reporter: cypherpunks_reply | Owner: tbb-
| team
Type: enhancement | Status:
| reopened
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: noscript, tbb-8.0-issues, tbb- | Actual Points:
regression |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by ma1):
Replying to [comment:12 cypherpunks_reply]:
> 8.0.2 - Copy.png: Where's geistglobal.com? To grant the least privilege
that allows scripts, and without using the custom option, click on DEFAULT
for http:.
Just brainstorming here: maybe this problem would be mitigated, or even
fixed, if we show in the popup UI the actual domains of sites matching the
a protocol-only permission key (e.g. "http:"), so you can override them
individually to DEFAULT, (temporary) TRUSTED or (temporary) CUSTOM.
Whether showing in the popup also the "http:" entry itself or leaving it
to the Options panel only could be debated, or made an Appearance
preference.
How does this sound?
> If the UI for the custom tab as seen in the screenshot was always
displayed for every domain
Not sure I understand: do you mean that every domain in the popup should
be pre-set to CUSTOM and its customization UI be displayed by default
(i.e. two rows for each site entry) in the popup?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27589#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list