[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #26128 [Applications/Tor Browser]: Make security slider work with NoScript for ESR60



#26128: Make security slider work with NoScript for ESR60
---------------------------------------------+-----------------------------
 Reporter:  arthuredelstein                  |          Owner:  tbb-team
     Type:  defect                           |         Status:
                                             |  needs_review
 Priority:  Very High                        |      Milestone:
Component:  Applications/Tor Browser         |        Version:
 Severity:  Normal                           |     Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201806R  |  Actual Points:
Parent ID:                                   |         Points:
 Reviewer:                                   |        Sponsor:
---------------------------------------------+-----------------------------

Comment (by mcs):

 Kathy and I reviewed these changes. Awesome work! Of course we have a few
 comments:
 * There is a comma missing after the second array within untrusted_caps
 (before the `// medium: http` comment).
 * Please add some details to the check in comment, e.g., some of the
 things you mentioned in comment:3.
 * To match the slider UI, please use Standard/Safer/Safest within comments
 (rather than Low/Medium/High).
 * If the user adds an exception (e.g., adding a site to the Trusted list),
 the changes will be lost at startup and each time the slider is adjusted.
 That will surprise people; we should decide what behavior we want and try
 to implement it.
 * Do we have any kind of commitment from the NoScript author (Giorgio)
 that the IPC message we are using will continue to work with future
 releases of NoScript?
 * Kathy and I think the capability groupings you selected make sense, but
 we will probably need to adjust some of the wording within the security
 slider window (i.e., the text which describes the levels).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26128#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs