[tbb-bugs] #24479 [Applications/Tor Browser]: NoScript shouldn't block local HTML5 video and audio files when security slider is set to medium or high

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Dec 4 13:40:48 UTC 2017


#24479: NoScript shouldn't block local HTML5 video and audio files when security
slider is set to medium or high
--------------------------------------+--------------------------
 Reporter:  cypherpunks               |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:                            |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by cypherpunks):

 Replying to [comment:1 irl]:
 > HTML 5 video/audio means parsing untrusted data through a complicated
 decoding algorithm that may have vulnerabilities, which is why this
 restriction is in place on Medium/High security levels.
 The ticket is about '''local''' files only, meaning that they're trusted
 and this restriction should probably not be in place.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24479#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list