[tbb-bugs] #29969 [Applications/Tor Browser]: Drag-and-drop search causes NoScript XSS warning

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Mar 31 07:02:25 UTC 2019


#29969: Drag-and-drop search causes NoScript XSS warning
-------------------------+------------------------------------------
 Reporter:  cypherpunks  |          Owner:  tbb-team
     Type:  defect       |         Status:  new
 Priority:  Medium       |      Component:  Applications/Tor Browser
  Version:               |       Severity:  Normal
 Keywords:               |  Actual Points:
Parent ID:               |         Points:
 Reviewer:               |        Sponsor:
-------------------------+------------------------------------------
 Select some text and drag it onto the current tab or new tab to create a
 search.

 Example warning:

 NoScript detected a potential Cross-Site Scripting attack

 from https://trac.torproject.org to https://duckduckgo.com.

 Suspicious data:

 (POST)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29969>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list