[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #27307 [Applications/Tor Browser]: NoScript marks HTTP Onion as insecure



#27307: NoScript marks HTTP Onion as insecure
--------------------------------------+--------------------------
 Reporter:  cypherpunks3              |          Owner:  tbb-team
     Type:  defect                    |         Status:  closed
 Priority:  Low                       |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Minor                     |     Resolution:  wontfix
 Keywords:  noscript                  |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by gk):

 Replying to [comment:6 ma1]:
 > It should have been fixed in
 [https://github.com/hackademix/noscript/releases/tag/11.0.4rc11 NoScript
 11.0.4rc11] :)

 Thanks, that's better. There is still the scary http: in red which should
 not be relevant for .onions either. Additionally, the expectation here is
 that onions over http:// on medium level security can actually run
 JavaScript etc. because http:// is secure for .onion domains They should
 get treated as loaded over https://. Could you address those two items for
 Tor Browser users? (I am fine opening a new bug for the latter if you
 like)

 A general note, while testing rc11:

 1) After installing it in the browser I needed to click twice on the
 NoScript icon until the page related info showed up. On first click only a
 small empty menu was visible.
 2) After restarting the browser it takes like 5-10 second until the
 NoScript icon gets clickable at all and CPU of my laptop gets eaten
 meanwhile. There is something computationally heavy going on in the
 background here...

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27307#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs