[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #21323 [Applications/Tor Browser]: Activate mixed content blocking

Subject: Re: [tor-bugs] #21323 [Applications/Tor Browser]: Activate mixed content blocking
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Thu, 26 Jan 2017 23:03:55 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 26 Jan 2017 18:04:07 -0500
In-reply-to: <055.a1d123d1171ac4f3c35a7c00d9d57444@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <055.a1d123d1171ac4f3c35a7c00d9d57444@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#21323: Activate mixed content blocking
--------------------------------------+-----------------------------------
 Reporter:  arthuredelstein           |          Owner:  tbb-team
     Type:  defect                    |         Status:  needs_information
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  TorBrowserTeam201701R     |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+-----------------------------------

Comment (by legind):

 We test rulesets with the default settings in browsers which blocks active
 mixed content, but note the comment here: https://www.eff.org/https-
 everywhere/rulesets#mixed-content-blocking-mcb

 > Some rulesets may trigger active mixed content (i.e. scripts loaded over
 HTTP instead of HTTPS). This type of mixed content is blocked in both
 Chrome and Firefox, before HTTPS Everywhere has a chance to rewrite the
 URLs to an HTTPS version. This generally breaks the site. However, the Tor
 Browser doesn't block mixed content, in order to allow HTTPS Everywhere to
 try and rewrite the URLs to an HTTPS version.
 >
 > To enable a rule only on platforms that allow mixed content (currently
 only the Tor Browser), you can add a `platform="mixedcontent"` attribute
 to the ruleset element.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21323#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #21323 [Applications/Tor Browser]: Activate mixed content blocking
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #21104 [Applications/Tor Browser]: Stop building 32 bit `sandboxed-tor-browser` binaries.
Next by Author: Re: [tor-bugs] #20893 [Core Tor/Tor]: Add a fuzzing harness for the Tor directory protocol
Previous by thread: Re: [tor-bugs] #21323 [Applications/Tor Browser]: Activate mixed content blocking
Next by thread: Re: [tor-bugs] #21323 [Applications/Tor Browser]: Activate mixed content blocking
Index(es):
- Author
- Thread