[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #22501 [Applications/Tor Browser]: Requests via javascript: violate FPI

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #22501 [Applications/Tor Browser]: Requests via javascript: violate FPI
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 27 Sep 2017 08:48:34 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 27 Sep 2017 04:48:44 -0400
In-reply-to: <051.82c94c1e509ba6b13fefeacd790439f8@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <051.82c94c1e509ba6b13fefeacd790439f8@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#22501: Requests via javascript: violate FPI
---------------------------------------+---------------------------
 Reporter:  cypherpunks                |          Owner:  pospeselr
     Type:  defect                     |         Status:  assigned
 Priority:  High                       |      Milestone:
Component:  Applications/Tor Browser   |        Version:
 Severity:  Major                      |     Resolution:
 Keywords:  tbb-linkability, noscript  |  Actual Points:
Parent ID:                             |         Points:
 Reviewer:                             |        Sponsor:
---------------------------------------+---------------------------
Changes (by gk):

 * status:  needs_information => assigned


Comment:

 Replying to [comment:9 ma1]:
 > It's the "Attempt to fix Javascript links" ('''noscript.fixLinks''' in
 ''!about:config'') feature.
 >
 > Do you need me to modify the HEAD XHR preflight request in order to fit
 into your navigation restrictions, or to omit it outright? Or would it be
 better for you to just flip the preference?

 It seems to me flipping the preference might not be that bad. Richard: can
 you take a look whether that could be a viable way for solving our issue
 (without introducing other unintended ones)?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22501#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #23136 [Applications/Tor Launcher]: moat integration (fetch bridges for the user)
Next by Author: Re: [tor-bugs] #23519 [Applications/GetTor]: Please pin the gettorbrowser repository in your official Github account for better visibility
Previous by thread: Re: [tor-bugs] #22501 [Applications/Tor Browser]: Requests via javascript: violate FPI
Next by thread: Re: [tor-bugs] #22501 [Applications/Tor Browser]: Requests via javascript: violate FPI
Index(es):
- Author
- Thread