[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #10144 [- Select a component]: TOR 2.3.25-14: "Attempted to access image data on a canvas ..." ID security breach enabled in release -14



#10144: TOR 2.3.25-14:  "Attempted to access image data on a canvas ..."  ID
security breach enabled in release -14
----------------------------------+----------------------------------
 Reporter:  cypherpunks           |          Owner:
     Type:  defect                |         Status:  new
 Priority:  normal                |      Milestone:
Component:  - Select a component  |        Version:  Tor: unspecified
 Keywords:                        |  Actual Points:
Parent ID:                        |         Points:
----------------------------------+----------------------------------
 Dear Tor Developer,

 I've visited "Jesse's Cafe Americain"  using Tor browser at this address
 http://jessescrossroadscafe.blogspot.com/ for several years and always get
 the warning from Tor that this website "attempted to access image data on
 a canvas" (an ID security breach).

 At the bottom of the warning box there is a selection button allowing me
 to choose to "allow" this behavior or to "never allow" this behavior. I
 always choose "never allow" and that has always worked until my recent
 upgrade to Tor 2.3.25-14.  Now, the warning still appears, the selection
 box still appears with both options, but the "never allow" option can't
 actually be activated. When I click "never allow" the "allow" default
 doesn't change and the warning box disappears with the "allow" option
 unchanged.

 As part of the fix, I suggest you change the warning box option to default
 on "never allow" and force users to select "allow" at their own risk.
 Thank you for all you do,

 - L. H. Melvin

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10144>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs