[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #29733 [Applications/Tor Browser]: Disable NoSript XSS protection for now due to bug 1532530



#29733: Disable NoSript XSS protection for now due to bug 1532530
--------------------------------------------+--------------------------
 Reporter:  gk                              |          Owner:  tbb-team
     Type:  defect                          |         Status:  new
 Priority:  Very High                       |      Milestone:
Component:  Applications/Tor Browser        |        Version:
 Severity:  Normal                          |     Resolution:
 Keywords:  noscript, TorBrowserTeam201903  |  Actual Points:
Parent ID:                                  |         Points:
 Reviewer:                                  |        Sponsor:
--------------------------------------------+--------------------------

Comment (by ma1):

 Replying to [comment:6 gk]:

 > Thanks! We'll start building Tor Browser release candidates without the
 patch up for review then, assuming the workaround will happen in NoScript
 directly.

 Actually I still need some way to tell we're in the Tor Browser and/or we
 need this work-around, because I'm not making it the default for all the
 NoScript users.

 May I suggest changing this patch into just
 {{{
 -   "tabId": -1
 +    "torBrowser": Services.appinfo.platformVersion,
 +    "tabId": -1
 }}}

 This would help a lot in similar situations.
 Not surprisingly, because it would be a way to fix issue #29021 ;)

 Thank you!

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29733#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs