[tbb-bugs] #21361 [Applications/Tor Browser]: Enable browser APIs only allowed in secure contexts for NG HS

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Feb 1 20:18:34 UTC 2017


#21361: Enable browser APIs only allowed in secure contexts for NG HS
--------------------------------------+--------------------------
 Reporter:  legind                    |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:                            |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by legind):

 I think the Push API might be a powerful feature once we migrate to
 Firefox 52 ESR in March.  From my testing, it isn't yet fully implemented
 in 45 ESR.  We'd have to consider the security and privacy considerations
 https://www.w3.org/TR/push-api/#security-and-privacy-considerations and
 whether this aligns with the Tor Browser design principle of Disk
 Avoidance. https://www.torproject.org/projects/torbrowser/design/#disk-
 avoidance

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21361#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list