[tbb-bugs] #19210 [Applications/Tor Browser]: NoScript places WebM videos too late behind click-to-play in higher security levels
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue May 31 14:27:49 UTC 2016
#19210: NoScript places WebM videos too late behind click-to-play in higher
security levels
-------------------------------------------------+-------------------------
Reporter: gk | Owner: tbb-
Type: defect | team
Priority: High | Status: new
Component: Applications/Tor Browser | Milestone:
Severity: Major | Version:
Keywords: tbb-regression, tbb-security-slider | Resolution:
Parent ID: | Actual Points:
Reviewer: | Points:
| Sponsor:
-------------------------------------------------+-------------------------
Comment (by cypherpunks):
Upon further inspection I realized click-to-play is partially working;
When requested directly, audio and video resources make a get request for
every 5 seconds of media. The first segment loads fine, the second is then
blocked by click-to-play.
I'm not sure if splitting media into 5 second segments is new behavior,
but that would explain the weirdness.
The noscript changed that I referred to in the comment is this:
https://github.com/avian2/noscript/commit/2b7bd12752f4d2e4dd0e38290820e707585d6385.
I would expect for resources requested directly to load without being
blocked. My guess is that the second segment doesn't originate from
chrome:.
If I'm correct then the severity for this ticket should be lowered, and
the summary rewritten.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19210#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list