[tbb-bugs] #26128 [Applications/Tor Browser]: Make security slider work with NoScript for ESR60

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Jun 7 18:26:39 UTC 2018

#26128: Make security slider work with NoScript for ESR60
 Reporter:  arthuredelstein                  |          Owner:  tbb-team
     Type:  defect                           |         Status:
                                             |  needs_revision
 Priority:  Very High                        |      Milestone:
Component:  Applications/Tor Browser         |        Version:
 Severity:  Normal                           |     Resolution:
 Keywords:  ff60-esr, TorBrowserTeam201806R  |  Actual Points:
Parent ID:                                   |         Points:
 Reviewer:                                   |        Sponsor:
Changes (by arthuredelstein):

 * cc: ma1 (added)


 Replying to [comment:5 mcs]:
 > Kathy and I reviewed these changes. Awesome work! Of course we have a
 > few comments:

 Thanks for the review! My revised branch is at:

 > * There is a comma missing after the second array within untrusted_caps
 > (before the `// medium: http` comment).


 > * Please add some details to the check in comment, e.g., some of the
 > things you mentioned in comment:3.


 > * To match the slider UI, please use Standard/Safer/Safest within
 > comments (rather than Low/Medium/High).


 > * If the user adds an exception (e.g., adding a site to the Trusted
 > list), the changes will be lost at startup and each time the slider is
 > adjusted. That will surprise people; we should decide what behavior we
 > want and try to implement it.

 That's true. In principle we can also listen to the settings objects
 broadcast by NoScript. As a demonstration, this code prints all Settings
 changes from NoScript.

 const { LegacyExtensionContext } =
       Cu.import("resource://gre/modules/LegacyExtensionsUtils.jsm", {});
 const noscriptID = "{73a6fe31-595d-460b-a920-fcc0f8843232}";
 let extensionContext = new LegacyExtensionContext({ id : noscriptID });
 extensionContext.api.browser.runtime.onMessage.addListener((a,b,c) =>

 To preserve user custom settings, we would need to use these messages to
 maintain a mirror of NoScript's Settings object and pass back a
 modified version of the mirrored Settings whenever the Security Slider is

 A simpler approach could be to patch NoScript to accept diffs rather than
 the entire Settings object.

 However, I'm not sure we want to permanently preserve custom user settings
 in NoScript at all. Such a feature might be a privacy footgun for users.

 [Snipped IPC question for a separate comment, below.]

 > * Kathy and I think the capability groupings you selected make sense,
 > but we will probably need to adjust some of the wording within the
 > security slider window (i.e., the text which describes the levels).

 Good point. I'm still inclined to consider the possibility of simplifying
 the capability groupings -- the different treatment of media, fonts, and
 scripts seems somewhat arbitrary to me and I think it would be useful to
 come up with a more systematic rationale for the settings we have chosen
 for the "Safer" (medium) level. It's kind of a separate issue (#22981),
 but worth considering now given that in transitioning to the new NoScript,
 some behaviors are going to change.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26128#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
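
The two approaches discussed in the comment above (mirroring the Settings object, or sending only a diff), as an added example that is not code from the ticket, from Tor Browser or from NoScript. The message shape, the field names `defaultCaps` and `trustedSites`, and the per-level capability lists are assumptions made for illustration.

```javascript
// Added illustration. The message shape ({type, settings}) and the field
// names (defaultCaps, trustedSites) are assumptions, not NoScript's schema.
const LEVEL_CAPS = { // hypothetical capability sets per slider level
  standard: ["script", "media", "font"],
  safer: ["media", "font"],
  safest: [],
};
const clone = (obj) => JSON.parse(JSON.stringify(obj));

class SettingsMirror {
  constructor() { this.settings = null; }

  // Feed every message from the onMessage listener; unrelated ones are ignored.
  onMessage(msg) {
    if (!msg || msg.type !== "settings" || !msg.settings) return false;
    this.settings = clone(msg.settings);
    return true;
  }

  // Object to pass back when the slider moves: only the level-dependent
  // defaults are replaced, user exceptions in the mirror are carried over.
  forLevel(level) {
    if (!Object.prototype.hasOwnProperty.call(LEVEL_CAPS, level)) {
      throw new RangeError(`unknown slider level: ${level}`);
    }
    if (this.settings === null) throw new Error("no Settings received yet");
    const next = clone(this.settings);
    next.defaultCaps = [...LEVEL_CAPS[level]];
    return next;
  }
}

// The diff alternative: only the top-level keys whose value changed.
function settingsDiff(before, after) {
  const diff = {};
  for (const key of Object.keys(after)) {
    if (JSON.stringify(before[key]) !== JSON.stringify(after[key])) {
      diff[key] = after[key];
    }
  }
  return diff;
}

// Constructed sample: the user has added one site to the Trusted list.
const mirror = new SettingsMirror();
mirror.onMessage({ type: "settings", settings: {
  defaultCaps: ["script", "media", "font"], trustedSites: ["example.org"] } });
const safest = mirror.forLevel("safest");
console.log(safest, settingsDiff(mirror.settings, safest));
```

The mirror lives only in memory here, so nothing the user customised is written to disk.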