[tor-bugs] #18080 [Applications/Tor Browser]: CORS header 'Access-Control-Allow-Origin' missing

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Mar 19 02:03:31 UTC 2019


#18080: CORS header 'Access-Control-Allow-Origin' missing
-------------------------------------------------+-------------------------
 Reporter:  cypherpunks                          |          Owner:  tbb-
                                                 |  team
     Type:  defect                               |         Status:  new
 Priority:  Medium                               |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Major                                |     Resolution:
 Keywords:  tbb-usability-website, ff60-esr-     |  Actual Points:
  will-have                                      |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by cypherpunks):

 Replying to [comment:21 cypherpunks]:
 > Replying to [comment:20 gk]:
 > > Marking this as tentatively fixed in Tor Browser 8.
 > Check https://ipleak.net/ pls.
 Appears also when the Debug checkbox in NoScript is set:
 {{{
 01:59:42.539 Cross-Origin Request Blocked: The Same Origin Policy
 disallows reading the remote resource at
 https://g28kyu5u1usoie1ve5ejsyuklm7dfj1lukl0smiq.ipleak.net/dnsdetect/?_=1512910712464.
 (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). 1 (unknown)
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18080#comment:24>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list