[tor-bugs] #29733 [Applications/Tor Browser]: Disable NoSript XSS protection for now due to bug 1532530
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Mar 19 22:36:16 UTC 2019
#29733: Disable NoSript XSS protection for now due to bug 1532530
--------------------------------------------+------------------------------
Reporter: gk | Owner: tbb-team
Type: defect | Status:
| needs_information
Priority: Very High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: noscript, TorBrowserTeam201903 | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------------+------------------------------
Comment (by ma1):
Replying to [comment:18 ma1]:
> Replying to [comment:17 gk]:
> > ma1: I tested 8.0.7 with 10.2.2 and realized that I am now seeing for
any search request typed in the URL bar a scary XSS warning popup. That's
very unfortunate as there is definitely no XSS involved if I type my
search queries into the URL bar. Could you please fix that?
>
> Fixed in [https://github.com/hackademix/noscript/releases/tag/10.2.3rc2
NoScript 10.2.3rc2].
[https://github.com/hackademix/noscript/releases/tag/10.2.3 Now also in
10.2.3], in case you've got an "ship stable releases only" policy.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29733#comment:19>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list