[tbb-bugs] #26128 [Applications/Tor Browser]: Make security slider work with NoScript for ESR60

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Jun 7 17:43:14 UTC 2018

#26128: Make security slider work with NoScript for ESR60
 Reporter:  arthuredelstein                  |          Owner:  tbb-team
     Type:  defect                           |         Status:
                                             |  needs_review
 Priority:  Very High                        |      Milestone:
Component:  Applications/Tor Browser         |        Version:
 Severity:  Normal                           |     Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201806R  |  Actual Points:
Parent ID:                                   |         Points:
 Reviewer:                                   |        Sponsor:

Comment (by mcs):

 Kathy and I reviewed these changes. Awesome work! Of course we have a few
 * There is a comma missing after the second array within untrusted_caps
 (before the `// medium: http` comment).
 * Please add some details to the check in comment, e.g., some of the
 things you mentioned in comment:3.
 * To match the slider UI, please use Standard/Safer/Safest within comments
 (rather than Low/Medium/High).
 * If the user adds an exception (e.g., adding a site to the Trusted list),
 the changes will be lost at startup and each time the slider is adjusted.
 That will surprise people; we should decide what behavior we want and try
 to implement it.
 * Do we have any kind of commitment from the NoScript author (Giorgio)
 that the IPC message we are using will continue to work with future
 releases of NoScript?
 * Kathy and I think the capability groupings you selected make sense, but
 we will probably need to adjust some of the wording within the security
 slider window (i.e., the text which describes the levels).

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26128#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list