[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #16871 [Tor Browser]: Tor fails at Content Security Policy (CSP)

Subject: Re: [tor-bugs] #16871 [Tor Browser]: Tor fails at Content Security Policy (CSP)
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 25 Aug 2015 02:17:28 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 24 Aug 2015 22:17:45 -0400
In-reply-to: <046.3169acd28d4ab98869328d02c658c5d5@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <046.3169acd28d4ab98869328d02c658c5d5@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#16871: Tor fails at Content Security Policy (CSP)
-----------------------------+----------------------
     Reporter:  HaronP       |      Owner:  tbb-team
         Type:  defect       |     Status:  closed
     Priority:  normal       |  Milestone:
    Component:  Tor Browser  |    Version:
   Resolution:  invalid      |   Keywords:
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+----------------------

Comment (by Godar):

 I think you missed that the post was not about CSP in general, but the
 shortcomings of Firefox and Tor browser.

 Firefox and the Tor browser supporting CSP as Google Chrome does. Firefox
 does not support javascript blocking feature "script-src" as clearly
 stated in their own compatibility list ( https://developer.mozilla.org/en-
 US/docs/Web/Security/CSP/CSP_policy_directives#Browser_compatibility ) and
 Tor does not support it either, because the CSP support is based on
 Firefox instead of Chromium.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16871#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #16871 [Tor]: Tor fails at Content Security Policy (CSP)
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #10140 [Translations]: More locales for Tor Browser Bundle (esp Japanese)
Next by Author: Re: [tor-bugs] #15901 [Tor]: apparent memory corruption -- very difficult to isolate
Previous by thread: Re: [tor-bugs] #16871 [Tor Browser]: Tor fails at Content Security Policy (CSP)
Next by thread: [tor-bugs] #16872 [Tor Browser]: Opening about:downloads creates a bunch of Private Browsing Mode related warnings
Index(es):
- Author
- Thread