[tbb-bugs] #20123 [Applications/Tor Browser]: consider blocking remote jar files at Low Security

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Sep 9 18:51:00 UTC 2016

#20123: consider blocking remote jar files at Low Security
     Reporter:  arthuredelstein           |      Owner:  tbb-team
         Type:  defect                    |     Status:  new
     Priority:  Medium                    |  Milestone:
    Component:  Applications/Tor Browser  |    Version:
     Severity:  Normal                    |   Keywords:
Actual Points:                            |  Parent ID:
       Points:                            |   Reviewer:
      Sponsor:                            |
 Mozilla recently blocked remote jar files by default:


 Then they had to re-enable the remote jar files again in the release,
 because users of IBM iNotes (some sort of webmail thing) ran into an


 In any case, Mozilla's intention is to block by default again in the
 future. So when that happens, if not sooner, we should ensure that our
 security slider is not re-enabling remote jar files at Low Security.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20123>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list