[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #30570 [Applications/Tor Browser]: Implement per-site security settings support
#30570: Implement per-site security settings support
-------------------------------------------------+-------------------------
Reporter: gk | Owner:
| pospeselr
Type: enhancement | Status:
| assigned
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: ux-team, tbb-9.5, | Actual Points:
TorBrowserTeam202001 |
Parent ID: #25658 | Points: 10
Reviewer: | Sponsor:
| Sponsor9
-------------------------------------------------+-------------------------
Comment (by ma1):
I've received a private email by pospeselr and latest update to this
ticket about at the same time, and realized I've missed some history and
context in the past weeks
He had written:
> if I enable scripts while visiting foo.com as the first
> party, all the child scripts would also be enabled, but only when they
> are in the foo.com context. A subsequent visit to baz.com should not
> have scripts enabled for it or any of its included 3rd parties.
This looks much like the "Cascade top document permissions to
subresources" settings in NoScript classic, and it's worth implementing
indeed.
I could make it even more granular by turning it into a "cascade" meta-
capability (like "webgl", "fetch", "ping"...) which can be configured per-
preset (e.g. for TRUSTED) or customized per-site in CUSTOM.
How does this sound?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30570#comment:17>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs